diff --git a/en/handbook/README b/en/handbook/README index 0bea96c5af..aac7bfec7f 100644 --- a/en/handbook/README +++ b/en/handbook/README @@ -460,3 +460,4 @@ for example, 40. . . . to line 20370 . . . + 41. . . . to line 24997 . . . diff --git a/en/handbook/handbook.sgml b/en/handbook/handbook.sgml index 60a35a95d9..e7012040e0 100644 --- a/en/handbook/handbook.sgml +++ b/en/handbook/handbook.sgml @@ -20395,18 +20395,19 @@ AT&B2&W On your system, the programs tip and cu are probably executable only - by uucp and group dialer. You can use the group dialer to control who has access to your + by uucp and group + dialer. You can use the group dialer to control who has access to your modem or remote systems. Just add yourself to group dialer. Alternatively, you can let everyone on your system run - tip and cu by typing: + tip and cu by typing: &prompt.root; chmod 4511 /usr/bin/tip - You do not have to run + + + You do not have to run this command for cu, since cu is just a hard link to tip. @@ -20421,16 +20422,16 @@ AT&B2&W The Hayes driver is not smart enough to recognize some of the advanced features of newer modems--messages like - BUSY, NO - DIALTONE, or CONNECT - 115200 will just confuse it. You should turn those + BUSY, NO + DIALTONE, or CONNECT + 115200 will just confuse it. You should turn those messages off when you use tip (using - ATX0&W). + ATX0&W). Also, the dial timeout for tip is 60 seconds. Your modem should use something less, or else tip will think there is a communication problem. Try - ATS7=45&W. + ATS7=45&W. Actually, as shipped tip does not yet support it fully. The solution is to edit the file 
@@ -20450,32 +20451,36 @@ AT&B2&W id="direct-at"> How am I expected to enter these AT commands? - Make what is called a direct + Make what is called a direct entry in your /etc/remote file. For example, if your modem is hooked up to the first serial port, - /dev/cuaa0, then put in the following line: + /dev/cuaa0, then put in the following line: cuaa0:dv=/dev/cuaa0:br#19200:pa=none - Use the highest bps rate your modem supports in + + + Use the highest bps rate your modem supports in the br capability. Then, type tip cuaa0 and you will be connected to your modem. If there is no /dev/cuaa0 on your system, - do this: + do this: &prompt.root; cd /dev &prompt.root; MAKEDEV cuaa0 - + - Or use cu as root with the following command: + Or use cu as root with the following command: &prompt.root; cu -lline -sspeed - with line being the - serial port (e.g./dev/cuaa0) and speed being + + + line is the + serial port (e.g./dev/cuaa0) and speed is the speed (e.g.57600). When you are done entering the AT commands hit ~. to exit. 
@@ -20486,36 +20491,38 @@ cuaa0:dv=/dev/cuaa0:br#19200:pa=none The <literal>@</literal> sign for the pn capability does not work! - The @ sign in the phone number capability tells + The @ sign in the phone number capability tells tip to look in /etc/phones for a phone - number. But the @ sign is also a special character + number. But the @ sign is also a special character in capability files like /etc/remote. Escape - it with a backslash: + it with a backslash: pn=\@ - + How can I dial a phone number on the command line? - Put what is called a generic - entry in your /etc/remote file. For example: + Put what is called a generic + entry in your /etc/remote file. For example: tip115200|Dial any phone number at 115200 bps:\ :dv=/dev/cuaa0:br#115200:at=hayes:pa=none:du: tip57600|Dial any phone number at 57600 bps:\ :dv=/dev/cuaa0:br#57600:at=hayes:pa=none:du: - + - Then you can things like + Then you can things like: &prompt.root; tip -115200 5551234 - . If you prefer cu over tip, + + + If you prefer cu over tip, use a generic cu entry: @@ -20546,7 +20553,7 @@ cu115200|Use cu to dial any number at 115200bps:\ Rather than waiting until you are connected and typing CONNECT <host> each time, - use tip's cm capability. For + use tip's cm capability. For example, these entries in /etc/remote: @@ -20556,9 +20563,9 @@ muffin|muffin.deep13.com|Frank's machine:\ :cm=CONNECT muffin\n:tc=deep13: deep13:Gizmonics Institute terminal server:\ :dv=/dev/cua02:br#38400:at=hayes:du:pa=none:pn=5551234: - + - will let you type tip pain + will let you type tip pain or tip muffin to connect to the hosts pain or muffin; and tip deep13 to get to the terminal server. 
@@ -20573,24 +20580,24 @@ deep13:Gizmonics Institute terminal server:\ Make an entry for your university in /etc/remote and use @ for the - pn capability: + pn capability: big-university:\ :pn=\@:tc=dialout dialout:\ :dv=/dev/cuaa3:br#9600:at=courier:du:pa=none: - + Then, list the phone numbers for the university in - /etc/phones: + /etc/phones: big-university 5551111 big-university 5551112 big-university 5551113 big-university 5551114 - + tip will try each one in the listed order, then give up. If you want to keep retrying, run @@ -20608,23 +20615,20 @@ big-university 5551114 character with the ~s escape, which means set a variable. - Type ~sforce=<single-char> - followed by a newline. <single-char> is any single character. - If you leave out <single-char>, then the force + Type ~sforce=single-char + followed by a newline. single-char is any single character. + If you leave out single-char, then the force character is the nul character, which you can get by typing CTRL+2 - or CTRL+SPACE. A pretty good value for <single-char> is SHIFT+CTRL+6, which I + or CTRL+SPACE. A pretty good value for single-char is SHIFT+CTRL+6, which I have seen only used on some terminal servers. You can have the force character be whatever you want by specifying the following in your - $HOME/.tiprc file: + $HOME/.tiprc file: force=<single-char> - + @@ -20638,14 +20642,14 @@ force=<single-char> of these features. Here is a sample .tiprc file perfect for Emacs users who need - to type CTRL+2 and CTRL+A a lot: + to type CTRL+2 and CTRL+A a lot: force=^^ raisechar=^^ - The ^^ is SHIFT+CTRL+6. + The ^^ is SHIFT+CTRL+6. @@ -20656,7 +20660,7 @@ raisechar=^^ receive files with ~p (put) and ~t (take). These commands run cat and echo on the remote system to accept and - send files. The syntax is: + send files. The syntax is: ~p @@ -20668,7 +20672,7 @@ raisechar=^^ ~t remote-file local-file - + There is no error checking, so you probably should use another protocol, like zmodem. 
@@ -20683,7 +20687,7 @@ raisechar=^^ receiving them locally. To send files, start the receiving program on the remote end. - Then, type ~C sz <files> + Then, type ~C sz files to send them to the remote system. @@ -20697,7 +20701,7 @@ raisechar=^^ to provide other people with dialup connections to the Internet using FreeBSD, you have the option of using PPP or SLIP. Furthermore, two varieties of PPP are provided: user (sometimes - referred to as iijppp) and kernel. The + referred to as iijppp) and kernel. The procedures for configuring both types of PPP, and for setting up SLIP are described in this chapter. @@ -20711,15 +20715,15 @@ raisechar=^^ different about this new PPP that warrants its addition? To quote from the manual page: - +
This is a user process PPP software package. Normally, PPP - is implemented as a part of the kernel (e.g. as managed by pppd) + is implemented as a part of the kernel (e.g. as managed by pppd) and it is thus somewhat hard to debug and/or modify its behavior. However, in this implementation PPP is done as a user process with the help of the tunnel device driver (tun).
-
+ In essence, this means that rather than running a PPP daemon, the ppp program can be run as and when desired. No PPP interface @@ -20728,7 +20732,7 @@ raisechar=^^ From here on out, user ppp will be referred to simply as ppp unless a distinction needs to be made between it and any other PPP - client/server software such as pppd. Unless otherwise stated, all + client/server software such as pppd. Unless otherwise stated, all commands in this section should be executed as root. @@ -20745,7 +20749,7 @@ raisechar=^^ You are going to need the following information to hand: - + @@ -20761,25 +20765,25 @@ raisechar=^^ The IP address of your ISP's gateway. The gateway is the machine to which you will connect and will be set up as - your default route. If your + your default route. If your ISP hasn't given you this number, don't worry. We can make one up and your ISP's PPP server will tell us when we connect. This number is known from now on as - HISADDR. + HISADDR. Your ISP's netmask setting. Again, if your ISP hasn't given you this information, you can safely use a netmask of - 255.255.255.0. + 255.255.255.0. The IP addresses of one or more nameservers. Normally, you will be given two IP numbers. You - MUST have this information unless you run + must have this information unless you run your own nameserver. @@ -20788,12 +20792,12 @@ raisechar=^^ hostname then you will need this information too. If not, you will need to know from what range of IP addresses your allocated IP address will belong. If you haven't been given - this range, don't worry. You can configure PPP to accept any + this range, don't worry. You can configure ppp to accept any IP number (as explained later). - + If you do not have any of the required information, contact your ISP and make sure they provide it to you. 
@@ -20810,15 +20814,15 @@ raisechar=^^ To check this, go to your kernel compile directory (/sys/i386/conf or /sys/pc98/conf) and examine your kernel - configuration file. It needs to have the line + configuration file. It needs to have the line pseudo-device tun 1 - in it somewhere. The stock GENERIC kernel + in it somewhere. The stock GENERIC kernel has this as standard, so if you have not installed a custom kernel - or you do not have a /sys directory, you do not have to change + or you do not have a /sys directory, you do not have to change anything. If your kernel configuration file does not have this line in @@ -20845,7 +20849,7 @@ tun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500 tun3: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 1500 - which in this case shows four tunnel devices, two of which are + This case shows four tunnel devices, two of which are currently configured and being used. If you have a kernel without the tun device, and you can not @@ -20863,7 +20867,7 @@ tun3: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 1500 Check the tun device Most users will only require one tun device (/dev/tun0). If you - have used more (i.e., a number other than 1 in the pseudo-device + have used more (i.e., a number other than 1 in the pseudo-device line in the kernel configuration file) then alter all references to tun0 below to reflect whichever device number you are using. @@ -20872,29 +20876,29 @@ tun3: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 1500 configured correctly is to re-make it. To do this, execute the following commands: - + &prompt.root; cd /dev &prompt.root; ./MAKEDEV tun0 - + If you require 16 tunnel devices in your kernel, you will need to create more than just tun0: - + &prompt.root; cd /dev &prompt.root; ./MAKEDEV tun15 - + Also, to confirm that the kernel is configured correctly, the following command should give the indicated output: - + &prompt.root; ifconfig tun0 tun0: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 1500 - + 
@@ -20905,7 +20909,7 @@ tun0: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 1500 into hostnames and vice versa. It can be configured to look for maps that describe IP to hostname mappings in one of two places. The first is a file called /etc/hosts - (man 5 hosts). The second is the + (man 5 hosts). The second is the Internet Domain Name Service (DNS), a distributed data base, the discussion of which is beyond the scope of this document. @@ -20915,14 +20919,13 @@ tun0: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 1500 The resolver is a set of system calls that do the name mappings, but you have to tell them where to find their information. You do this by first editing the file - /etc/host.conf. Do not call this file - /etc/hosts.conf (note the extra s) as the + /etc/host.conf. Do not call this file + /etc/hosts.conf (note the extra s) as the results can be confusing. - Edit the /etc/host.conf file + Edit the <filename>/etc/host.conf</filename> file This file should contain the following two lines: @@ -20931,7 +20934,7 @@ hosts bind - which instructs the resolver to first look in + These instructs the resolver to first look in the file /etc/hosts, and then to consult the DNS if the name was not found. @@ -20943,7 +20946,8 @@ bind This file should contain the IP addresses and names of machines on your network. At a bare minimum it should contain entries for the machine which will be running ppp. Assuming that - your machine is called foo.bar.com with the IP address 10.0.0.1, + your machine is called foo.bar.com + with the IP address 10.0.0.1, /etc/hosts should contain: 
@@ -20971,16 +20975,17 @@ bind line(s): -nameserver x.x.x.x -nameserver y.y.y.y -domain bar.com +nameserver x.x.x.x +nameserver y.y.y.y +domain bar.com - The x.x.x.x and y.y.y.y addresses are those given to you + The x.x.x.x and + y.y.y.y addresses are those given to you by your ISP. Add as many nameserver lines as your ISP provides. The domain line defaults to your hostname's - domain, and is probably unnecessary. Refer to the resolv.conf + domain, and is probably unnecessary. Refer to the resolv.conf manual page for details of other possible entries in this file. @@ -20988,15 +20993,15 @@ domain bar.com - PPP Configuration + <command>ppp</command> Configuration - Both user ppp and pppd (the kernel level implementation of + Both user ppp and pppd (the kernel level implementation of PPP) use configuration files located in the /etc/ppp directory. The sample configuration files provided are a good reference for user ppp, so don't delete them. - Configuring ppp requires that you edit a number of files, + Configuring ppp requires that you edit a number of files, depending on your requirements. What you put in them depends to some extent on whether your ISP allocates IP addresses statically (i.e., you get given one IP address, and always use that one) or @@ -21014,12 +21019,12 @@ domain bar.com to the example below. - Lines that end in a : start in the first column, all + Lines that end in a : start in the first column, all other lines should be indented as shown using spaces or tabs. - + 1 default: 2 set device /dev/cuaa0 @@ -21030,13 +21035,15 @@ domain bar.com 7 set login "TIMEOUT 10 gin:-BREAK-gin: foo word: bar col: ppp" 8 set timeout 300 9 deny lqr -10 set ifaddr x.x.x.x y.y.y.y +10 set ifaddr x.x.x.x y.y.y.y 11 delete ALL 12 add 0 0 HISADDR - Do not include the line numbers, they are - just for reference in this discussion. + + + Do not include the line numbers, they are + just for reference in this discussion. + - Line 1: 
@@ -21049,8 +21056,8 @@ domain bar.com Identifies the device to which the modem is - connected. COM1: is /dev/cuaa0 and - COM2: is /dev/cuaa1. + connected. COM1: is /dev/cuaa0 and + COM2: is /dev/cuaa1. @@ -21066,7 +21073,7 @@ domain bar.com Line 4: - The dial string. User ppp uses an expect-send + The dial string. User PPP uses an expect-send syntax similar to the chat8 program. Refer to the manual page for information on the features of this language. @@ -21085,13 +21092,14 @@ domain bar.com Sets the phone number for this provider. Multiple - phone numbers may be specified using the : or | + phone numbers may be specified using the + : or | character as a separator. The difference between these spearators is described in the ppp manual page. To summarize, if you want to rotate through the numbers, - use the :. If you want to always attempt to dial + use the :. If you want to always attempt to dial the first number first and only use the other numbers if - the first number fails, use the |. Always quote the + the first number fails, use the |. Always quote the entire set of phone numbers as shown. @@ -21106,8 +21114,8 @@ domain bar.com J. Random Provider -login: foo -password: bar +login: foo +password: bar protocol: ppp 
@@ -21133,18 +21141,18 @@ protocol: ppp Line 9: - Ppp can be configured to exchange Link Quality + ppp can be configured to exchange Link Quality Report (LQR) packets. These packets describe how good - the physical link is. Ppp's LQR strategy is to close + the physical link is. ppp's LQR strategy is to close the connection when a number of these packets are missed. This is useful when you have a direct serial link to another machine and the DSR modem signal is not available to indicate that the line is up. When data saturates the line, LQR packets are sometimes - missed, causing ppp to close the connection + missed, causing ppp to close the connection prematurely. Refusing to negotiate lqr is sometimes prudent (if you are going through a modem) as it avoids - this whole mess. By default, ppp will not attempt to + this whole mess. By default, ppp will not attempt to negotiate LQR, but will accept LQR negotiation from the peer. @@ -21153,9 +21161,9 @@ protocol: ppp Line 10: - Sets the interface addresses. The string x.x.x.x + Sets the interface addresses. The string x.x.x.x should be replaced by the IP address that your provider - has allocated to you. The string y.y.y.y should be + has allocated to you. The string y.y.y.y should be replaced by the IP address that your ISP indicated for their gateway (the machine to which you connect). If your ISP hasn't given you a gateway address, use @@ -21164,7 +21172,7 @@ protocol: ppp an entry in /etc/ppp/ppp.linkup as per the instructions for . If this line is omitted, ppp cannot + IP addresses">. If this line is omitted, ppp cannot run in or mode. @@ -21175,7 +21183,7 @@ protocol: ppp Deletes all existing routing table entries for the acquired tun device. This should not normally be - necessary, but will make sure that PPP is starting with + necessary, but will make sure that ppp is starting with a clean bill of health. 
@@ -21184,16 +21192,16 @@ protocol: ppp Adds a default route to your ISPs gateway. The - special word HISADDR is replaced with + special word HISADDR is replaced with the gateway address specified on line 9. It is important that this line appears after line 9, otherwise - HISADDR will not yet be + HISADDR will not yet be initialized. - + It is not necessary to add an entry to ppp.linkup when you have a static IP @@ -21215,7 +21223,7 @@ protocol: ppp If your service provider does not assign static IP numbers, ppp can be configured to negotiate the local and remote addresses. This is done by guessing an - IP number and allowing ppp to set it up correctly using the IP + IP number and allowing ppp to set it up correctly using the IP Configuration Protocol (IPCP) after connecting. The ppp.conf configuration is the same as 10.0.0.1. Do not use 0.0.0.0/0 as the first argument to set ifaddr as it - prevents ppp from setting up an initial route in + prevents ppp from setting up an initial route in and mode. - + You will also need to create an entry in /etc/ppp/ppp.linkup. ppp.linkup is used after a connection has - been established. At this point, ppp will know what IP - addresses should really be used. + been established. At this point, ppp will know what IP + addresses should really be used. The following entry will delete the existing bogus routes, and create correct ones: 
@@ -21273,25 +21281,25 @@ set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 3 add 0 0 HISADDR - + Line 1: - On establishing a connection, ppp will look for an + On establishing a connection, ppp will look for an entry in ppp.linkup according to the following rules: First, try to match the same label as we used in ppp.conf. If that fails, look for an entry for the IP number of our gateway. This entry is a four-octet IP style label. If we still haven't found an entry, look for the - MYADDR entry. + MYADDR entry. Line 2: - This line tells ppp to delete all existing routes + This line tells ppp to delete all existing routes for the acquired tun interface (except the direct route entry). @@ -21300,15 +21308,15 @@ set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 Line 3: - This line tells ppp to add a default route that - points to HISADDR. - HISADDR will be replaced with the IP + This line tells ppp to add a default route that + points to HISADDR. + HISADDR will be replaced with the IP number of the gateway as negotiated in the IPCP. - + See the pmdemand entry in the files /etc/ppp/ppp.conf.sample and 
@@ -21318,29 +21326,29 @@ set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 - Receiving incoming calls with PPP + Receiving incoming calls with <command>ppp</command> - This section describes setting up ppp in a server + This section describes setting up ppp in a server role. When you configure ppp to receive incoming calls, you must decide whether you wish to - forward packets for just ppp + forward packets for just PPP connections, for all interfaces, or not at all. To forward for - just ppp connections, include the line + just PPP connections, include the line enable proxy - in your ppp.conf file. If you wish to - forward packets on all interfaces, use the + in your ppp.conf file. If you wish to + forward packets on all interfaces, use the gateway=YES - option in /etc/rc.conf (this file used + option in /etc/rc.conf (this file used to be called /etc/sysconfig). 
@@ -21351,31 +21359,31 @@ gateway=YES Dialup Services"> provides a good description on enabling dialup services using getty. - An alternative to getty is mgetty, a smarter version of getty designed with dialup lines in mind. + An alternative to getty is mgetty, a smarter version of getty designed with dialup lines in mind. - The advantages of using mgetty is that it actively + The advantages of using mgetty is that it actively talks to modems, meaning if port is turned off in /etc/ttys then your modem won't answer the phone. - Later versions of mgetty (from 0.99beta onwards) also + Later versions of mgetty (from 0.99beta onwards) also support the automatic detection of PPP streams, allowing your clients script-less access to your server. Refer to for more information on mgetty. + AutoPPP"> for more information on mgetty. PPP permissions - PPP must normally be run as user id 0. If however you - wish to allow ppp to run in server mode as a normal user by - executing ppp as described below, that user must be given - permission to run ppp by adding them to the network group in + ppp must normally be run as user id 0. If however you + wish to allow ppp to run in server mode as a normal user by + executing ppp as described below, that user must be given + permission to run ppp by adding them to the + network group in /etc/group. @@ -21414,7 +21422,7 @@ exec /usr/sbin/ppp -direct $IDENT You should use this script as the shell for all your dialup ppp users. This is an example from /etc/password for - a dialup PPP user with username pchilds. (remember don't + a dialup PPP user with username pchilds. (remember don't directly edit the password file, use vipw) @@ -21422,7 +21430,7 @@ pchilds:*:1011:300:Peter Childs PPP:/home/ppp:/etc/ppp/ppp-dialup Create a /home/ppp directory that is - world readable containing the following 0 byte files + world readable containing the following 0 byte files 
@@ -21430,7 +21438,7 @@ pchilds:*:1011:300:Peter Childs PPP:/home/ppp:/etc/ppp/ppp-dialup -r--r--r-- 1 root wheel 0 May 27 02:22 .rhosts - which prevents /etc/motd from being + which prevents /etc/motd from being displayed. @@ -21442,8 +21450,8 @@ pchilds:*:1011:300:Peter Childs PPP:/home/ppp:/etc/ppp/ppp-dialup and for each account with statically assigned IPs create a symbolic link to ppp-shell. - For example, if you have three dialup customers fred, sam, - and mary, that you route class C networks for, you would type + For example, if you have three dialup customers fred, sam, + and mary, that you route class C networks for, you would type the following: @@ -21454,7 +21462,7 @@ pchilds:*:1011:300:Peter Childs PPP:/home/ppp:/etc/ppp/ppp-dialup Each of these users dialup accounts should have their - shell set to the symbolic link created above. (ie. mary's + shell set to the symbolic link created above. (ie. mary's shell should be /etc/ppp/ppp-mary). @@ -21479,25 +21487,27 @@ ttyd1: set ifaddr 203.14.100.1 203.14.100.21 255.255.255.255 enable proxy - - Note the indenting is important. + + + The indenting is important. + The default: section is loaded for each session. For each dialup line enabled in /etc/ttys create an entry similar to the one for ttyd0: above. Each line - should get a unique IP from your pool of ip address for + should get a unique IP address from your pool of IP addresses for dynamic users. - Setting up ppp.conf for static-IP users + Setting up <filename>ppp.conf</filename> for static-IP users Along with the contents of the sample /etc/ppp/ppp.conf above you should add a section for each of the statically assigned dialup users. We - will continue with our fred, sam, and mary example. + will continue with our fred, sam, and mary example. fred: 
@@ -21530,24 +21540,24 @@ mary: - More on mgetty, AutoPPP, and MS extensions + More on <command>mgetty</command>, AutoPPP, and MS extensions - Mgetty and AutoPPP + <title><command>mgetty</command> and AutoPPP - Configuring and compiling mgetty with the AUTO_PPP - option enabled allows mgetty to detect the LCP phase of PPP + Configuring and compiling mgetty with the AUTO_PPP + option enabled allows mgetty to detect the LCP phase of PPP connections and automatically spawn off a ppp shell. However, since the default login/password sequence does not occur it is necessary to authenticate users using either PAP or CHAP. This section assumes the user has successfully - configured, compiled, and installed a version of mgetty with - the AUTO_PPP option (v0.99beta or later) + configured, compiled, and installed a version of mgetty with + the AUTO_PPP option (v0.99beta or later) Make sure your /usr/local/etc/mgetty+sendfax/login.config file has the following in it: @@ -21556,7 +21566,7 @@ mary: /AutoPPP/ - - /etc/ppp/ppp-pap-dialup - This will tell mgetty to run the + This will tell mgetty to run the ppp-pap-dialup script for detected PPP connections. @@ -21600,11 +21610,10 @@ enable passwdauth option to authenticate users via pap from the - /etc/passwordd file. (*) - - (*) Note this option only available in 2.2-961014-SNAP + /etc/passwordd file(*) Note this option only available in 2.2-961014-SNAP or later, or by getting the updated ppp code for 2.1.x. (see MS extensions below for details) + . @@ -21644,7 +21653,7 @@ default: Some ISPs set their system up so that the authentication part of your connection is done using either of the PAP or CHAP authentication mechanisms. If this is the case, your ISP will - not give a login: prompt when you + not give a login: prompt when you connect, but will start talking PPP immediately. PAP is less secure than CHAP, but security is not normally 
@@ -21661,15 +21670,15 @@ default: 7 set login … -13 set authname MyUserName -14 set authkey MyPassword +13 set authname MyUserName +14 set authkey MyPassword As always, do not include the line numbers, they are just for reference in this discussion. Indentation of at least one space is required. - + Line 7: @@ -21683,8 +21692,7 @@ default: This line specifies your PAP/CHAP user name. You - will need to insert the correct value for MyUserName. + will need to insert the correct value for MyUserName. @@ -21693,12 +21701,13 @@ default: This line specifies your PAP/CHAP password. You - will need to insert the correct value for MyPassword. You may want to add an + will need to insert the correct value for MyPassword. You may want to add an additional line + 15 accept PAP or + 15 accept CHAP to make it obvious that this is the @@ -21708,10 +21717,10 @@ default: - + - Your authkey will be logged + Your authkey will be logged if you have command logging turned on (set log +command). Care should be taken when deciding the ppp log file permissions. @@ -21719,15 +21728,14 @@ default: - Changing your ppp configuration on the fly + Changing your <command>ppp</command> configuration on the fly - It is possible to talk to the ppp program while it is + It is possible to talk to the ppp program while it is running in the background, but only if a suitable password has been set up. By default, ppp will listen to a TCP port of 3000 + - tunno, where tunno is the number of the tun device + tunno, where tunno is the number of the tun device acquired, however, if a password for the local machine is not set up in /etc/ppp/ppp.secret, no server connection will be created. To set your password, put the 
@@ -21735,19 +21743,19 @@ default: /etc/ppp/ppp.secret: -foo MyPassword +foo MyPassword - where foo is your local + foo is your local hostname (run hostname -s to determine the - correct name), and MyPassword is + correct name), and MyPassword is the unencrypted password that you wish to use. /etc/ppp/ppp.secret should - NOT be accessable by anyone without user id - 0. This means that /, + not be accessable by anyone without user id + 0. This means that /, /etc and /etc/ppp should not be writable, and ppp.secret - should be owned by user id 0 and have permissions 0600. + should be owned by user id 0 and have permissions 0600. It is also possible to select a specific port number or to have ppp listen to a local unix domain socket rather than to a @@ -21767,7 +21775,7 @@ foo MyPassword Final system configuration - You now have PPP configured, but there are a few more things + You now have ppp configured, but there are a few more things to do before it is ready to work. They all involve editing the /etc/rc.conf file (was /etc/sysconfig). @@ -21783,16 +21791,16 @@ hostname=foo.bar.com name, it's probably best that you use this name as your host name. - Look for the network_interfaces variable. If you want to + Look for the network_interfaces variable. If you want to configure your system to dial your ISP on demand, make sure the - tun0 device is added to the list, otherwise remove it. + tun0 device is added to the list, otherwise remove it. network_interfaces="lo0 tun0" ifconfig_tun0= - The ifconfig_tun0 variable should be empty, + The ifconfig_tun0 variable should be empty, and a file called /etc/start_if.tun0 should be created. This file should contain the line 
@@ -21816,11 +21824,11 @@ router=NO (/etc/sysconfig) It is important that the routed daemon is not started (it's started by default) as routed tends to delete the default routing - table entries created by ppp. + table entries created by ppp. It is probably worth your while ensuring that the sendmail_flags line does not include the option, - otherwise sendmail will attempt to do a network lookup every now + otherwise sendmail will attempt to do a network lookup every now and then, possibly causing your machine to dial out. You may try: @@ -21828,7 +21836,7 @@ router=NO (/etc/sysconfig) sendmail_flags="-bd" - The upshot of this is that you must force sendmail to + The upshot of this is that you must force sendmail to re-examine the mail queue whenever the ppp link is up by typing: @@ -21847,7 +21855,7 @@ sendmail_flags="-bd" 4 !bg sendmail -bd -q30m - If you don't like this, it is possible to set up a "dfilter" + If you don't like this, it is possible to set up a dfilter to block SMTP traffic. Refer to the sample files for further details. @@ -21860,7 +21868,7 @@ sendmail_flags="-bd" and then dial provider to start the PPP session, or, if - you want ppp to establish sessions automatically when there is + you want ppp to establish sessions automatically when there is outbound traffic (and you haven't created the start_if.tun0 script), type 
@@ -21878,83 +21886,84 @@ sendmail_flags="-bd" Client side: - - + + - - Ensure that the tun device is built into your + + Ensure that the tun device is built into your kernel. - + - - Ensure that the tunX device file is + + Ensure that the tunX device file is available in the /dev directory. - + - + Create an entry in /etc/ppp/ppp.conf. The pmdemand example should suffice for most ISPs. - + - + If you have a dynamic IP address, create an entry in /etc/ppp/ppp.linkup. - + - + Update your /etc/rc.conf (or sysconfig) file. - + - + Create a start_if.tun0 script if you require demand dialing. - + - - + - Server side: - + + Server side: + + - - Ensure that the tun device is built into your + + Ensure that the tun device is built into your kernel. - + - - Ensure that the tunX device file is + + Ensure that the tunX device file is available in the /dev directory. - + - + Create an entry in /etc/passwd (using the vipw8 program). - + - + Create a profile in this users home directory that runs ppp -direct direct-server or similar. - + - + Create an entry in /etc/ppp/ppp.conf. The direct-server example should suffice. - + - + Create an entry in /etc/ppp/ppp.linkup. - + - + Update your /etc/rc.conf (or sysconfig) file. - + - + 
@@ -21984,29 +21993,32 @@ sendmail_flags="-bd" Contributed by &a.gena;. Before you start setting up PPP on your machine make sure that - pppd is located in /usr/sbin and directory + pppd is located in /usr/sbin and directory /etc/ppp exists. - pppd can work in two modes: + pppd can work in two modes: + - as a client , i.e. you want to connect your machine to + as a client, i.e. you want to connect your machine to outside world via PPP serial connection or modem line. - as a server , i.e. your machine is located on the + as a server, i.e. your machine is located on the network and used to connect other computers using PPP. - In both cases you will need to set up an options file + + + In both cases you will need to set up an options file (/etc/ppp/options or ~/.ppprc if you have more then one user on your machine that uses PPP). - You also will need some modem/serial software ( preferably - kermit ) so you can dial and establish connection with remote + You also will need some modem/serial software (preferably + kermit) so you can dial and establish connection with remote host. 
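Review bot: The options-file sentence that @@ -21984 splits into its own paragraph still reads "if you have more then one user on your machine that uses PPP"; "then" should be "than". The client bullet in the same hunk has a similar slip, "connect your machine to outside world", which wants "the outside world".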
@@ -22034,30 +22046,31 @@ defaultroute # put this if you want that PPP server will be your # default router - To connect: - + To connect: + + - - Dial to the remote host using kermit ( or other modem - program ) enter your user name and password ( or whatever is - needed to enable PPP on the remote host ) - + + Dial to the remote host using kermit (or other modem + program) enter your user name and password (or whatever is + needed to enable PPP on the remote host) + - - Exit kermit. ( without hanging up the line ) - + + Exit kermit (without hanging up the line). + - - enter: + + enter: - &prompt.root; /usr/src/usr.sbin/pppd.new/pppd /dev/tty01 19200 - ( put the appropriate - speed and device name ) - + &prompt.root; /usr/src/usr.sbin/pppd.new/pppd /dev/tty01 19200 + + + Use the appropriate speed and device name. + - - + Now your computer is connected with PPP. If the connection fails for some reasons you can add the option to the @@ -22065,7 +22078,7 @@ defaultroute # put this if you want that PPP server will be your the console to track the problem Following /etc/ppp/pppup script will make - all 3 stages automatically: + all 3 stages automatically: #!/bin/sh @@ -22087,15 +22100,15 @@ ifconfig ppp0 delete kermit -y /etc/ppp/kermit.dial pppd /dev/tty01 19200 - + /etc/ppp/kermit.dial is kermit script that dials and makes all necessary authorization on the remote - host. ( Example of such script is attached to the end of this - document ) + host. (Example of such script is attached to the end of this + document) Use the following /etc/ppp/pppdown script - to disconnect the PPP line: + to disconnect the PPP line: #!/bin/sh @@ -22116,10 +22129,10 @@ fi /sbin/ifconfig ppp0 delete kermit -y /etc/ppp/kermit.hup /etc/ppp/ppptest - + Check if PPP is still running - (/usr/etc/ppp/ppptest): + (/usr/etc/ppp/ppptest): #!/bin/sh 
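Review bot: The connect step in @@ -22034 keeps the command "/usr/src/usr.sbin/pppd.new/pppd /dev/tty01 19200", a path into the source tree, although the section opens by telling the reader to make sure pppd is located in /usr/sbin and the pppup script further down calls plain "pppd /dev/tty01 19200". Use the installed binary in this step as well. While the item is being reflowed, capitalise "enter:" to match the other two steps.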
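Review bot: The caption edited in @@ -22116 gives the script's location as "(/usr/etc/ppp/ppptest)", but the pppdown listing directly above it ends by calling "/etc/ppp/ppptest". A reader who saves the listing under the captioned path gets a pppdown that cannot find it. Make the caption say /etc/ppp/ppptest, which is also where every other script in this section lives.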
@@ -22132,10 +22145,10 @@ fi set -x netstat -n -I ppp0 ifconfig ppp0 - + Hangs up modem line - (/etc/ppp/kermit.hup): + (/etc/ppp/kermit.hup): set line /dev/tty01 ; put your modem device here @@ -22156,7 +22169,7 @@ inp 5 OK out ATH0\13 echo \13 exit - + Here is an alternate method using chat instead of kermit. @@ -22165,7 +22178,7 @@ exit The following two files are sufficient to accomplish a pppd connection. - /etc/ppp/options: + /etc/ppp/options: /dev/cuaa1 115200 @@ -22186,7 +22199,7 @@ domain <your.domain> # put your domain name here defaultroute # put this if you want that PPP server will be # your default router - + /etc/ppp/login.chat.script: @@ -22205,17 +22218,17 @@ ABORT BUSY ABORT 'NO CARRIER' "" AT OK ATDT<phone.number> &prompt.root; pppd - This sample based primarily on information provided + This sample based primarily on information provided by: Trev Roydhouse <Trev.Roydhouse@f401.n711.z3.fidonet.org> and used by - permission. + permission. Working as a PPP server - /etc/ppp/options: + /etc/ppp/options: crtscts # Hardware flow control @@ -22229,10 +22242,10 @@ netmask 255.255.255.0 # netmask ( not required ) domain ppp.foo.com # your domain passive # wait for LCP modem # modem line - + Following /etc/ppp/pppserv script will - enable ppp server on your machine + enable ppp server on your machine: #!/bin/sh @@ -22258,10 +22271,10 @@ kermit -y /etc/ppp/kermit.ans # run ppp pppd /dev/tty01 19200 - + Use this /etc/ppp/pppservdown script to - stop ppp server: + stop ppp server: #!/bin/sh @@ -22281,10 +22294,10 @@ ifconfig ppp0 down ifconfig ppp0 delete kermit -y /etc/ppp/kermit.noans - + Following kermit script will enable/disable autoanswer mode - on your modem (/etc/ppp/kermit.ans): + on your modem (/etc/ppp/kermit.ans): set line /dev/tty01 
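Review bot: The pppservdown listing that leads into @@ -22281 ends with "kermit -y /etc/ppp/kermit.noans", but the paragraph this hunk edits introduces only /etc/ppp/kermit.ans as the script that will "enable/disable autoanswer mode", so a reader following the listings never creates kermit.noans. Either add a listing for kermit.noans or state in this paragraph that it is a copy of kermit.ans with the autoanswer line changed as the comment in that script describes.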
@@ -22310,13 +22323,13 @@ out ATS0=1\13 ; change this to out ATS0=0\13 if you want to disable inp 5 OK echo \13 exit - + This /etc/ppp/kermit.dial script is used for dialing and authorizing on remote host. You will need to customize it for your needs. Put your login and password in this - script , also you will need to change input statement depending on - responses from your modem and remote host. + script, also you will need to change input statement depending on + responses from your modem and remote host. ; @@ -22433,7 +22446,7 @@ exit 1 ; comment-start: "; " ; comment-start-skip: "; " ; end: - + @@ -22451,15 +22464,15 @@ exit 1 something much fancier. First, determine which serial port your modem is connected to. I - have a symbolic link /dev/modem -> - cuaa1, and only use the modem name in my configuration + have a symbolic link to /dev/modem from + /dev/cuaa1, and only use the modem name in my configuration files. It can become quite cumbersome when you need to fix a bunch of files in /etc and .kermrc's all over the system! - /dev/cuaa0 is COM1, - cuaa1 is COM2, etc. + /dev/cuaa0 is COM1, + cuaa1 is COM2, etc. Make sure you have @@ -22474,13 +22487,13 @@ pseudo-device sl 1 Things you have to do only once - - + + - + Add your home machine, the gateway and nameservers to your /etc/hosts file. Mine looks like - this: + this: 127.0.0.1 localhost loghost @@ -22488,18 +22501,20 @@ pseudo-device sl 1 136.152.64.1 inr-3.Berkeley.EDU inr-3 slip-gateway 128.32.136.9 ns1.Berkeley.edu ns1 128.32.136.12 ns2.Berkeley.edu ns2 - By the way, silvia is + + + By the way, silvia is the name of the car that I had when I was back in Japan (it is called 2?0SX here in U.S.). - + - + Make sure you have before in your /etc/host.conf. Otherwise, funny things may happen. - + - + Edit the file /etc/rc.conf. Note that you should edit the file /etc/sysconfig instead if you are @@ -22545,9 +22560,9 @@ defaultrouter=slip-gateway - + - + Make a file /etc/resolv.conf which contains: 
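Review bot: The kermit.dial paragraph in @@ -22310 tells the reader to "Put your login and password in this script" and says nothing about who may read the file afterwards. Add a sentence telling the reader to make the script readable by root only, in the same way the diskless section follows its swap file with "chmod 0600". The comma splice in "in this script, also you will need to change input statement" could be fixed in the same pass by starting a new sentence at "You will also need".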
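Review bot: The rewording in @@ -22451 reverses the direction of the link. The old text "/dev/modem -> cuaa1" says that /dev/modem is the symbolic link and cuaa1 its target, while the new "a symbolic link to /dev/modem from /dev/cuaa1" reads as a link that points at /dev/modem. Suggest "a symbolic link /dev/modem that points to /dev/cuaa1", which also agrees with the next clause, "only use the modem name in my configuration files".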
@@ -22559,32 +22574,32 @@ nameserver 128.32.136.12 you can see, these set up the nameserver hosts. Of course, the actual domain names and addresses depend on your environment. - + - + Set the password for root and toor (and any other accounts that does not have a password). Use passwd, do not edit the /etc/passwd or /etc/master.passwd files! - + - + Reboot your machine and make sure it comes up with the correct hostname. - + - - + + Making a SLIP connection - - + + - + Dial up, type slip at the prompt, enter your machine name and password. The things you need to enter depends on your environment. I use kermit, with a script like this: @@ -22614,22 +22629,24 @@ output ***\x0d, echo \x0aCONNECTED\x0a filesystem is generally a BAD idea. Do it at your own risk. I am just too lazy. - + - + Leave the kermit there (you can suspend it by z) and - as root, type + as root, type: &prompt.root; slattach -h -c -s 115200 /dev/modem - if you are able to ping hosts + + + If you are able to ping hosts on the other side of the router, you are connected! If it does not work, you might want to try instead of as an argument to slattach. - + - - + + @@ -22659,7 +22676,8 @@ output ***\x0d, echo \x0aCONNECTED\x0a Troubleshooting If it does not work, feel free to ask me. The things that - people tripped over so far: + people tripped over so far: + @@ -22707,8 +22725,6 @@ silvia.HIP.Berke localhost.Berkeley UGH 34 47641234 lo0 - 0.438 - - @@ -22770,9 +22786,8 @@ silvia.HIP.Berke localhost.Berkeley UGH 34 47641234 lo0 - 0.438 getty8, & init8 for information relevant to configuring the system to accept logins on modems, and perhaps stty1 for information on - setting serial port parameters [such as clocal for directly-connected serial - interfaces]. + setting serial port parameters (such as clocal for directly-connected serial + interfaces). 
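Review bot: The password step in @@ -22559 reads "Set the password for root and toor (and any other accounts that does not have a password)"; the verb should be "do not have". This is the one step in the list that protects the machine before it goes on the network, so it is worth getting the sentence right while the list markup is being reworked. The SLIP step in the same hunk has a matching agreement error, "The things you need to enter depends on your environment".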
@@ -22804,7 +22819,7 @@ silvia.HIP.Berke localhost.Berkeley UGH 34 47641234 lo0 - 0.438 Shelmerg:password:1964:89::0:0:Guy Helmer - SLIP:/usr/users/Shelmerg:/usr/sbin/sliplogin - and, when Shelmerg logs in, + When Shelmerg logs in, sliplogin will search /etc/sliphome/slip.hosts for a line that had a matching user ID; for example, there may be a line in @@ -22830,11 +22845,12 @@ Shelmerg dc-slip sl-helmer 0xfffffc00 autocomp which sliplogin attached itself (slip interface 0, in the above example, which was the first parameter in the list given to slip.login) - to set the local IP address (dc-slip), remote IP address (sl-helmer), network mask for the SLIP - interface (0xfffffc00), and any additional + to set the local IP address (dc-slip), remote + IP address (sl-helmer), network mask for the SLIP + interface (0xfffffc00), and any additional flags (autocomp). If something goes wrong, sliplogin usually logs - good informational messages via the daemon syslog facility, + good informational messages via the daemon syslog facility, which usually goes into /var/log/messages (see the manual pages for syslogd8 and syslog.conf5, and perhaps check @@ -22851,8 +22867,8 @@ Shelmerg dc-slip sl-helmer 0xfffffc00 autocomp Kernel Configuration FreeBSD's default kernels usually come with two SLIP - interfaces defined (sl0 and - sl1); you can use netstat -i to see whether these interfaces + interfaces defined (sl0 and + sl1); you can use netstat -i to see whether these interfaces are defined in your kernel. Sample output from netstat -i: @@ -22882,8 +22898,7 @@ sl1* 296 <Link> 0 0 0 0 you want your FreeBSD SLIP Server to act as a router, you will have to edit the /etc/rc.conf file (called /etc/sysconfig in FreeBSD releases prior to - 2.2.2) and change the setting of the gateway variable to . + 2.2.2) and change the setting of the gateway variable to . If you have an older system which predates even the /etc/sysconfig file, then add the following command: 
@@ -22904,7 +22919,7 @@ sysctl -w net.inet.ip.forwarding = 1 pseudo-device sl 2 - which is the line that defines the number of SLIP devices + This is the line that defines the number of SLIP devices available in the kernel; the number at the end of the line is the maximum number of SLIP connections that may be operating simultaneously. @@ -22937,7 +22952,7 @@ pseudo-device sl 2 /etc/sliphome/slip.hosts contains lines which have at least four items, separated by whitespace: - + @@ -22958,7 +22973,7 @@ pseudo-device sl 2 - + The local and remote addresses may be host names (resolved to IP addresses by /etc/hosts or by the @@ -22979,39 +22994,38 @@ Shelmerg dc-slip sl-helmerg 0xfffffc00 autocomp At the end of the line is one or more of the options. - + - normal - no header + - no header compression - compress - compress + - compress headers - autocomp - compress + - compress headers if the remote end allows it - noicmp - disable ICMP + - disable ICMP packets (so any ping packets will be dropped instead of using up your bandwidth) - + Note that sliplogin under early releases of FreeBSD 2 ignored the options that FreeBSD 1.x - recognized, so the options normal, - compress, autocomp, and noicmp had no effect until support was + recognized, so the options , + , , and + had no effect until support was added in FreeBSD 2.2 (unless your slip.login script included code to make use of the flags). @@ -23066,7 +23080,7 @@ Shelmerg dc-slip sl-helmerg 0xfffffc00 autocomp /sbin/ifconfig sl$1 inet $4 $5 netmask $6 - This slip.login file merely ifconfig's + This slip.login file merely ifconfig's the appropriate SLIP interface with the local and remote addresses and network mask of the SLIP interface. 
@@ -23111,7 +23125,7 @@ Shelmerg dc-slip sl-helmerg 0xfffffc00 autocomp - which indicates that this particular system's Ethernet MAC + This indicates that this particular system's Ethernet MAC address is 00:02:c1:28:5f:4a -- the periods in the Ethernet MAC address given by netstat -i must be changed to colons and @@ -23216,7 +23230,7 @@ Shelmerg dc-slip sl-helmerg 0xfffffc00 autocomp - Running gated + Running <command>gated</command> An alternative to the headaches of static routes is to install gated on your FreeBSD SLIP @@ -23255,7 +23269,7 @@ kernel { export proto rip interface ed { proto direct { - xxx.xxx.yy mask 255.255.252.0 metric 1; # SLIP connections + xxx.xxx.yy mask 255.255.252.0 metric 1; # SLIP connections } ; } ; @@ -23269,15 +23283,15 @@ import proto rip interface ed { The above sample gated.conf file broadcasts routing information regarding the SLIP subnet - xxx.xxx.yy via RIP onto the + xxx.xxx.yy via RIP onto the Ethernet; if you are using a different Ethernet driver than the - ed driver, you will need to change - the references to the ed interface + ed driver, you will need to change + the references to the ed interface appropriately. This sample file also sets up tracing to /var/tmp/gated.output for debugging gated's activity; you can certainly turn off the tracing options if gated works OK for you. You will need to - change the xxx.xxx.yy's into the + change the xxx.xxx.yy's into the network address of your own SLIP subnet (be sure to change the net mask in the proto direct clause as well). @@ -23298,7 +23312,7 @@ import proto rip interface ed { Thanks to these people for comments and advice regarding this tutorial: - + &a.wilko; @@ -23309,12 +23323,12 @@ import proto rip interface ed { Piero Serini - <Piero@Strider.Inet.IT> + Piero@Strider.Inet.IT - + 
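Review bot: The gated paragraph touched in @@ -23269 still documents that the sample file "sets up tracing to /var/tmp/gated.output". /var/tmp is writable by every local user, so a routing daemon running as root and writing a fixed file name there can be pointed at a file or symbolic link that someone else created first. Suggest changing the sample to trace into a root-owned directory such as /var/log, or saying so next to "you can certainly turn off the tracing options".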
@@ -23334,8 +23348,7 @@ import proto rip interface ed { For one machine to be able to find another, there must be a mechanism in place to describe how to get from one to the other. This is called Routing. A route is a defined pair of addresses: - a destination and a gateway. The pair indicates that if you are + a destination and a gateway. The pair indicates that if you are trying to get to this destination, send along through this gateway. There are three types of destinations: individual hosts, subnets, and default. The @@ -23369,18 +23382,18 @@ host2.foobar.com link#1 UC 0 0 The first two lines specify the default route (which we will cover in the next section) and the localhost route. - The interface (Netif column) - that it specifies to use for localhost is lo0, also known as the loopback device. This + The interface (Netif column) + that it specifies to use for localhost is + lo0, also known as the loopback device. This says to keep all traffic for this destination internal, rather than sending it out over the LAN, since it will only end up back where it started anyway. The next thing that stands out are the 0:e0:... addresses. These are ethernet hardware addresses. FreeBSD will automatically identify any hosts - (test0 in the example) on the local + (test0 in the example) on the local ethernet and add a route for that host, directly to it over the - ethernet interface, ed0. There is + ethernet interface, ed0. There is also a timeout (Expire column) associated with this type of route, which is used if we fail to hear from the host in a specific amount of time. In this case the 
@@ -23406,13 +23419,13 @@ host2.foobar.com link#1 UC 0 0 The host1 line refers to our host, which it knows by ethernet address. Since we are the sending host, FreeBSD knows to use the loopback interface - (lo0) rather than sending it out + (lo0) rather than sending it out over the ethernet interface. The two host2 lines are an example of what happens when we use an ifconfig alias (see the section of ethernet for reasons why we would do this). The - => symbol after the lo0 interface says that not only are we + => symbol after the lo0 interface says that not only are we using the loopback (since this is address also refers to the local host), but specifically it is an alias. Such routes only show up on the host that supports the alias; all other hosts on the local 
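Review bot: The sentence reflowed in @@ -23406 still contains "(since this is address also refers to the local host)"; the stray "is" should go, giving "since this address also refers to the local host". The line sits directly under the changed "=> symbol after the lo0 interface" line, so it can be fixed in the same edit.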
@@ -23426,69 +23439,58 @@ host2.foobar.com link#1 UC 0 0 that are described in the column. Below is a short table of some of these flags and their meanings: - - - U - - Up: The route is - active. - - - - H + + + + + + U + Up: The route is active. + - - Host: The route - destination is a single host. - - + + H + Host: The route destination is a single host. + - G - - - Gateway: Send anything + + G + Gateway: Send anything for this destination on to this remote system, which will - figure out from there where to send it. - - + figure out from there where to send it. + - S - - - Static: This route was + + S + Static: This route was configured manually, not automatically generated by the - system. - - + system. + - C - - - Clone: Generates a new + + C + Clone: Generates a new route based upon this route for machines we connect to. This type of route is normally used for local - networks. - - + networks. + - W - - - WasCloned Indicated a + + W + WasCloned: Indicated a route that was auto-configured based upon a local area - network (Clone) route. - - + network (Clone) route. + - L - - - Link: Route involves - references to ethernet hardware. - - - - + + L + Link: Route involves + references to ethernet hardware. + + + + + @@ -23502,7 +23504,7 @@ host2.foobar.com link#1 UC 0 0 connect along that interface. If all known paths fail, the system has one last option: the - default route. This route is a + default route. This route is a special type of gateway route (usually the only one present in the system), and is always marked with a c in the flags field. For hosts on a local area network, this gateway is set to whatever machine has a 
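Review bot: In the new flags table of @@ -23426, the W row adds the colon but keeps the past tense: "WasCloned: Indicated a route that was auto-configured". Every other row describes the flag in the present tense, so this should be "Indicates a route".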
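Review bot: The default-route paragraph in @@ -23502 says the route "is always marked with a c in the flags field", but the table rebuilt in the previous hunk lists only U, H, G, S, C, W and L, and its C row describes Clone in upper case. A reader cannot look the lower-case flag up. Add a row for c to the table, or say in this sentence how it differs from C.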
@@ -23688,21 +23690,21 @@ Local1 (10.20.30.1, 10.9.9.30) --> T1-GW (10.9.9.1) Though the correct solution is to get a higher performance and capacity Ethernet adapter for the FreeBSD system, there is a simple workaround that will allow satisfactory operation. If the FreeBSD - system is the SERVER, include the option on the mount from - the client. If the FreeBSD system is the CLIENT, then mount the NFS + system is the server, include the option on the mount from + the client. If the FreeBSD system is the client, then mount the NFS file system with the option . These options may be - specified using the fourth field of the fstab entry on the client + specified using the fourth field of the fstab entry on the client for automatic mounts, or by using the parameter of the mount command for manual mounts. It should be noted that there is a different problem, sometimes mistaken for this one, when the NFS servers and clients are on - different networks. If that is the case, make CERTAIN that your + different networks. If that is the case, make certain that your routers are routing the necessary UDP information, or you will not get anywhere, no matter what else you are doing. - In the following examples, "fastws" is the host (interface) name - of a high-performance workstation, and "freebox" is the host + In the following examples, fastws is the host (interface) name + of a high-performance workstation, and freebox is the host (interface) name of a FreeBSD system with a lower-performance Ethernet adapter. Also, /sharedfs will be the exported NFS filesystem (see man exports), and /project will be the mount 
@@ -23710,27 +23712,27 @@ Local1 (10.20.30.1, 10.9.9.30) --> T1-GW (10.9.9.1) note that additional options, such as or and may be desirable in your application. - Examples for the FreeBSD system ("freebox") as the client: in + Examples for the FreeBSD system (freebox) as the client: in /etc/fstab on freebox: fastws:/sharedfs /project nfs rw,-r=1024 0 0 - as a manual mount command on freebox: + as a manual mount command on freebox: &prompt.root; mount -t nfs -o -r=1024 fastws:/sharedfs /project Examples for the FreeBSD system as the server: in - /etc/fstab on fastws: + /etc/fstab on fastws: freebox:/sharedfs /project nfs rw,-w=1024 0 0 - as a manual mount command on fastws: + as a manual mount command on fastws: &prompt.root; mount -t nfs -o -w=1024 freebox:/sharedfs /project @@ -23745,7 +23747,7 @@ freebox:/sharedfs /project nfs rw,-w=1024 0 0 smaller sizes). Since the maximum Ethernet packet is around 1500 bytes, the NFS block gets split into multiple Ethernet packets, even though it is still a single unit to the upper-level code, and - must be received, assembled, and ACKNOWLEDGED as a unit. The + must be received, assembled, and acknowledged as a unit. The high-performance workstations can pump out the packets which comprise the NFS unit one right after the other, just as close together as the standard allows. On the smaller, lower capacity @@ -23763,7 +23765,7 @@ freebox:/sharedfs /project nfs rw,-w=1024 0 0 Overruns may still occur when a high-performance workstations is slamming data out to a PC system, but with the better cards, such - overruns are not guaranteed on NFS "units". When an overrun occurs, + overruns are not guaranteed on NFS units. When an overrun occurs, the units affected will be retransmitted, and there will be a fair chance that they will be received, assembled, and acknowledged. 
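Review bot: The paragraph edited in @@ -23763 opens with "Overruns may still occur when a high-performance workstations is slamming data out to a PC system"; the noun should be singular, "a high-performance workstation is". The hunk already changes the next line of the same sentence, so the fix costs nothing extra.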
@@ -23775,7 +23777,7 @@ freebox:/sharedfs /project nfs rw,-w=1024 0 0 Contributed by &a.martin;. - netboot.com/netboot.rom allow you to boot + netboot.com/netboot.rom allow you to boot your FreeBSD machine over the network and run FreeBSD without having a disk on your client. Under 2.0 it is now possible to have local swap. Swapping over NFS is also still supported. @@ -23788,14 +23790,15 @@ freebox:/sharedfs /project nfs rw,-w=1024 0 0 Setup Instructions - - + + - + Find a machine that will be your server. This machine will require enough disk space to hold the FreeBSD 2.0 binaries and have bootp, tftp and NFS services available. - Tested machines: + Tested machines: + @@ -23811,11 +23814,11 @@ freebox:/sharedfs /project nfs rw,-w=1024 0 0 - + - + Set up a bootp server to provide the client with IP, - gateway, netmask. + gateway, netmask. diskless:\ 
@@ -23827,88 +23830,155 @@ diskless:\ :ip=192.1.2.4:\ :gw=192.1.2.5:\ :vm=rfc1048: - - + + - + Set up a TFTP server (on same machine as bootp server) to provide booting information to client. The name of this - file is cfg.X.X.X.X (or - /tftpboot/cfg.X.X.X.X, it will try - both) where X.X.X.X is the IP address + file is cfg.X.X.X.X (or + /tftpboot/cfg.X.X.X.X, it will try + both) where X.X.X.X is the IP address of the client. The contents of this file can be any valid netboot commands. Under 2.0, netboot has the following - commands: + commands: - -help - print help list -ip <X.X.X.X> - print/set client's IP address -server <X.X.X.X> - print/set bootp/tftp server address -netmask <X.X.X.X> - print/set netmask -hostname <name> - print/set hostname -kernel <name> - print/set kernel name -rootfs <ip:/fs> - print/set root filesystem -swapfs <ip:/fs> - print/set swap filesystem -swapsize <size> - set diskless swapsize in Kbytes -diskboot - boot from disk -autoboot - continue boot process -trans <on|off> - turn transceiver on|off -flags [bcdhsv] - set boot flags - A typical completely diskless cfg file - might contain: + + + + + help + print help list + + + + ip + print/set client's IP address + + + + server + print/set bootp/tftp server address + + + + netmask + print/set netmask + + + + hostname name + print/set hostname + + + + kernel + print/set kernel name + + + + rootfs + print/set root filesystem + + + + swapfs + print/set swap filesystem + + + + swapsize + set diskless swapsize in Kbytes + + + + diskboot + boot from disk + + + + autoboot + continue boot process + + + + trans + | + turn transceiver on|off + + + + flags + + set boot flags + + + + + + A typical completely diskless cfg file + might contain: rootfs 192.1.2.3:/rootfs/myclient swapfs 192.1.2.3:/swapfs swapsize 20000 hostname myclient.mydomain - A cfg file for a machine with local swap - might contain: + + + A cfg file for a machine with local swap + might contain: rootfs 192.1.2.3:/rootfs/myclient 
hostname myclient.mydomain - - + + - + Ensure that your NFS server has exported the root (and swap if applicable) filesystems to your client, and that the client has root access to these filesystems A typical /etc/exports file on FreeBSD might look - like: + like: /rootfs/myclient -maproot=0:0 myclient.mydomain /swapfs -maproot=0:0 myclient.mydomain - And on HP-UX: + + + And on HP-UX: /rootfs/myclient -root=myclient.mydomain /swapfs -root=myclient.mydomain - - + + - + If you are swapping over NFS (completely diskless configuration) create a swap file for your client using dd. If your swapfs command has the arguments /swapfs and the size 20000 as in the example above, the swapfile for myclient will be called - /swapfs/swap.X.X.X.X where - X.X.X.X is the client's IP addr, eg: + /swapfs/swap.X.X.X.X where + X.X.X.X is the client's IP addr, eg: + &prompt.root; dd if=/dev/zero of=/swapfs/swap.192.1.2.4 bs=1k count=20000 - Also, the client's swap space might + + + Also, the client's swap space might contain sensitive information once swapping starts, so make sure to restrict read and write access to this file to - prevent unauthorized access: + prevent unauthorized access: + &prompt.root; chmod 0600 /swapfs/swap.192.1.2.4 - - + + - + Unpack the root filesystem in the directory the client will use for its root filesystem (/rootfs/myclient in the example @@ -23937,16 +24007,16 @@ hostname myclient.mydomain - + - - Run netboot.com on the client or + + Run netboot.com on the client or make an EPROM from the netboot.rom file - + - - + + @@ -23984,7 +24054,8 @@ hostname myclient.mydomain is Dan Kegel's ISDN Page. - A quick simple roadmap to ISDN follows: + A quick simple roadmap to ISDN follows: + @@ -24007,7 +24078,6 @@ hostname myclient.mydomain - Cost is a significant factor in determining what solution you will choose. The following options are listed from least expensive 
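Review bot: The swap-file step in @@ -23827 says "If your swapfs command has the arguments /swapfs and the size 20000 as in the example above", but in the example the size does not belong to swapfs. The cfg file has "swapfs 192.1.2.3:/swapfs" and a separate "swapsize 20000", and the command table added by this same hunk lists swapsize as its own command. Reword to something like "If your swapfs command names /swapfs and swapsize is 20000". In the exports step just above, "has root access to these filesystems A typical" is also missing its full stop.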
@@ -24042,7 +24112,8 @@ hostname myclient.mydomain source can be found on the above mentioned ftp server under directory isdn as file bisdn-097.tar.gz. - There are drivers for the following cards: + There are drivers for the following cards: + @@ -24055,13 +24126,12 @@ hostname myclient.mydomain - There are several limitations with the bisdn stuff. Specifically the following features usually associated with ISDN are not supported. - + @@ -24086,13 +24156,16 @@ hostname myclient.mydomain - + A majordomo maintained mailing list is available. To join the list, send mail to &a.majordomo; and specify: + subscribe freebsd-isdn - In the body + + + in the body of your message. @@ -24218,7 +24291,8 @@ subscribe freebsd-isdn network to a head office network the following setup could be used. - Branch office or Home network + + Branch office or Home network Network is 10 Base T Ethernet. Connect router to network cable with AUI/10BT transceiver, if necessary. @@ -24239,10 +24313,12 @@ ISDN BRI line If your home/branch office is only one computer you can use a twisted pair crossover cable to connect to the standalone router directly. + - Head office or other lan + + Head office or other lan - Network is Twisted Pair Ethernet. + Network is Twisted Pair Ethernet. @@ -24257,11 +24333,12 @@ ISDN BRI line |___---Standalone router | ISDN BRI line - + + One large advantage of most routers/bridges is that they allow - you to have 2 SEPARATE INDEPENDENT PPP connections to 2 separate - sites at the SAME time. This is not supported on most TA's, + you to have 2 separate independent PPP connections to 2 separate + sites at the same time. This is not supported on most TA's, except for specific(expensive) models that have two serial ports. Do not confuse this with channel bonding, MPP etc. 
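Review bot: The sentence lower-cased in @@ -24257 continues with "except for specific(expensive) models that have two serial ports", which is missing a space before the parenthesis. The heading "Head office or other lan" in @@ -24239 is edited by this patch too and would read better as "LAN", matching the use of LAN elsewhere in the handbook text shown here.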
@@ -24295,16 +24372,14 @@ ISDN BRI line Some parts of E-Mail configuration are controlled in the Domain Name System (DNS). If you are going to run your own own DNS server - check out /etc/namedb - and ' man -k named - ' for more information. + check out /etc/namedb and man -k named for more information. Basic Information These are the major programs involved in an E-Mail exchange. A - mailhost is a server that is + mailhost is a server that is responsible for delivering and receiving all email for your host, and possibly your network. @@ -24312,10 +24387,10 @@ ISDN BRI line User program - This is a program like elm, pine, - mail , or something more sophisticated like a WWW + This is a program like elm, pine, + mail, or something more sophisticated like a WWW browser. This program will simply pass off all e-mail - transactions to the local mailhost , + transactions to the local mailhost , either by calling sendmail or delivering it over TCP. @@ -24324,8 +24399,8 @@ ISDN BRI line Mailhost Server Daemon - Usually this program is sendmail or - smail running in the background. Turn it off or + Usually this program is sendmail or + smail running in the background. Turn it off or change the command line options in /etc/rc.conf (or, prior to FreeBSD 2.2.2, /etc/sysconfig). It is best to leave it on, @@ -24337,12 +24412,11 @@ ISDN BRI line secure site. Some versions of sendmail have known security problems. - sendmail - does two jobs. It looks after delivering + sendmail does two jobs. It looks after delivering and receiving mail. - If sendmail - needs to deliver mail off your site it will look up in + If sendmail + needs to deliver mail off your site it will look up in the DNS to determine the actual host that will receive mail for the destination. 
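Review bot: The context line just above the change in @@ -24295 has a doubled word: "If you are going to run your own own DNS server". Drop one "own" while joining the "/etc/namedb and man -k named" line beneath it.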
@@ -24355,11 +24429,11 @@ ISDN BRI line DNS - Name Service - The Domain Name System and its daemon named , contain the database mapping + The Domain Name System and its daemon named, contain the database mapping hostname to IP address, and hostname to mailhost. The IP address - is specified in an A record. The MX record specifies the + is specified in an A record. The MX record specifies the mailhost that will receive mail for you. If you do not have a - MX record mail for your hostname, the mail will be delivered to + MX record mail for your hostname, the mail will be delivered to your host directly. Unless you are running your own DNS server, you will not be @@ -24373,25 +24447,25 @@ ISDN BRI line This program gets the mail from your mailbox and gives it to your browser. If you want to run a POP server on your computer, - you will need to do 2 things. - + you will need to do 2 things. + + - + Get pop software from the Ports collection that can be found in /usr/ports or packages collection. This handbook section has a complete reference on the system. - + - - Modify /etc/inetd.conf + + Modify /etc/inetd.conf to load the POP server. - + - + The pop program will have instructions with it. Read 
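Review bot: The changed line in @@ -24355 still reads "If you do not have a MX record mail for your hostname, the mail will be delivered to your host directly". The first "mail" does not belong there and the article is wrong; suggest "If you do not have an MX record for your hostname, the mail will be delivered to your host directly". This sentence is the one readers rely on to predict where their mail goes, so it should parse cleanly.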
@@ -24412,28 +24486,35 @@ ISDN BRI line /etc/resolv.conf setup or are running a name server. If you want to have mail for your host delivered to your specific host,there are two methods: - - - Run a name server ( man -k - named ) and have your own domain + + + + Run a name server (man -k named) and have your own domain smallminingco.com - - - Get mail delivered to the current DNS name for your host. + + + + Get mail delivered to the current DNS name for your host. Ie: dorm6.ahouse.school.edu + + No matter what option you choose, to have mail delivered directly to your host, you must be a full Internet host. You must have a permanent IP address. IE: NO dynamic PPP. If you are behind a firewall, the firewall must be passing on smtp traffic to - you. From /etc/services + you. From /etc/services: smtp 25/tcp mail #Simple Mail Transfer - If you + + + If you want to receive mail at your host itself, you must make sure that the DNS MX entry points to your host address, or there is no MX entry for your DNS name. - Try this + Try this: &prompt.root; hostname @@ -24444,18 +24525,19 @@ newbsdbox.freebsd.org has address 204.216.27.xx If that is all that comes out for your machine, mail directory - to root@newbsdbox.freebsd.org + to root@newbsdbox.freebsd.org will work no problems. - If instead, you have this + If instead, you have this: &prompt.root; host newbsdbox.freebsd.org newbsdbox.FreeBSD.org has address 204.216.27.xx newbsdbox.FreeBSD.org mail is handled (pri=10) by freefall.FreeBSD.org - All mail sent to your host - directly will end up on freefall, under the same username. + + + All mail sent to your host + directly will end up on freefall, under the same username. This information is setup in your domain name server. This should be the same host that is listed as your primary nameserver 
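Review bot: The two abbreviations in @@ -24412 are inconsistent and both nonstandard: "Ie: dorm6.ahouse.school.edu" in the second list item and "IE: NO dynamic PPP." in the following paragraph. Use "i.e." in both places, and lower-case "NO" as the patch does for the other shouted words in this chapter. The lead-in "delivered to your specific host,there are two methods" also needs a space after the comma.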
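Review bot: In @@ -24444 the sentence around the changed address line reads "mail directory to root@newbsdbox.freebsd.org will work no problems". "directory" is a typo for "directly", and the sentence needs a verb phrase such as "mail sent directly to root@newbsdbox.freebsd.org will work without problems".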
@@ -24466,7 +24548,7 @@ newbsdbox.FreeBSD.org mail is handled (pri=10) by freefall.FreeBSD.org delivered directly to the host by way of the Address record. - The MX entry for freefall.freebsd.org at one time. + The MX entry for freefall.freebsd.org at one time. freefall MX 30 mail.crl.net @@ -24476,19 +24558,18 @@ freefall MX 10 freefall.FreeBSD.org freefall MX 20 who.cdrom.com freefall A 204.216.27.xx freefall CNAME www.FreeBSD.org - + - Freefall has many MX entries. The lowest MX number gets the + freefall has many MX entries. The lowest MX number gets the mail in the end. The others will queue mail temporarily, if - freefall is busy or down. + freefall is busy or down. Alternate MX sites should have separate connections to the Internet, to be most useful. An Internet Provider or other friendly site can provide this service. - dig, nslookup, - and - host are your friends. + dig, nslookup, + and host are your friends. @@ -24498,16 +24579,16 @@ freefall CNAME www.FreeBSD.org To setup up a network mailhost, you need to direct the mail from arriving at all the workstations. In other words, you want to - hijack all mail for *.smallminingco.com - and divert it to one machine, your mailhost. + hijack all mail for *.smallminingco.com + and divert it to one machine, your mailhost. The network users on their workstations will most likely pick up their mail over POP or telnet. - A user account with the SAME USERNAME should exist on both + A user account with the same username should exist on both machines. Please use adduser to do - this as required. If you set the shell to /nonexistent + this as required. If you set the shell to + /nonexistent the user will not be allowed to login. The mailhost that you will be using must be designated the 
@@ -24515,12 +24596,12 @@ freefall CNAME www.FreeBSD.org (ie BIND, named). Please refer to a Networking book for in-depth information. - You basically need to add these lines in your DNS server. + You basically need to add these lines in your DNS server. -pc24.smallminingco.com A xxx.xxx.xxx.xxx ; Workstation ip +pc24.smallminingco.com A xxx.xxx.xxx.xxx ; Workstation ip MX 10 smtp.smallminingco.com ; Your mailhost - + You cannot do this yourself unless you are running a DNS server. If you do not want to run a DNS server, get somebody else 
@@ -24536,26 +24617,26 @@ pc24.smallminingco.com A xxx.xxx.xxx.xxx ; Workstation ip I have a customer with domain foo.bar and I want all mail for foo.bar to be sent to my machine smtp.smalliap.com. You must make - an entry in your DNS server like: + an entry in your DNS server like: foo.bar MX 10 smtp.smalliap.com ; your mailhost - The A record is not needed if you only - want E-Mail for the domain. IE: Don't expect ping foo.bar + + + The A record is not needed if you only + want E-Mail for the domain. IE: Don't expect ping foo.bar to work unless an Address record for foo.bar exists as well. On the mailhost that actually accepts mail for final delivery - to a mailbox, sendmail must be told what hosts it will be + to a mailbox, sendmail must be told what hosts it will be accepting mail for. - Add pc24.smallminingco.com to /etc/sendmail.cw (if you are - using FEATURE(use_cw_file)), or add a "Cw myhost.smalliap.com" - line to /etc/sendmail.cf + Add pc24.smallminingco.com to /etc/sendmail.cw (if you are + using FEATURE(use_cw_file)), or add a Cw myhost.smalliap.com + line to /etc/sendmail.cf - If you plan on doing anything serious with sendmail you should install the sendmail + If you plan on doing anything serious with sendmail you should install the sendmail source. The source has plenty of documentation with it. You will find information on getting sendmail source from + The sendmail FAQ is in /usr/src/usr.sbin/sendmail and is recommended 
@@ -24816,23 +24898,25 @@ bigco.com. MX 10 bigco.com. Cw bigco.com in /etc/sendmail.cf on bigco.com). - When the senders sendmail is trying to deliver the mail it + When the senders sendmail is trying to deliver the mail it will try to connect to you over the modem link. It will most - likely time out because you are not online. Sendmail will + likely time out because you are not online. sendmail will automatically deliver it to the secondary MX site, ie your Internet provider. The secondary MX site will try every (sendmail_flags = "-bd -q15m" in /etc/rc.conf ) 15 minutes to connect to your host to deliver the mail to the primary MX site. - You might wat to use something like this as a login script. + You might wat to use something like this as a login script. #!/bin/sh # Put me in /usr/local/bin/pppbigco ( sleep 60 ; /usr/sbin/sendmail -q ) & /usr/sbin/ppp -direct pppbigco - If you are going to create a separate + + + If you are going to create a separate login script for a user you could use sendmail -qRbigco.com instead in the script above. This will force all mail in your queue for bigco.com to be processed @@ -28093,7 +28177,7 @@ THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # Date created: 5 December 1994 # Whom: asami # -# $Id: handbook.sgml,v 1.40 1998-10-21 22:05:23 nik Exp $ +# $Id: handbook.sgml,v 1.41 1998-10-22 23:03:01 nik Exp $ # DISTNAME= oneko-1.1b diff --git a/en_US.ISO8859-1/books/handbook/book.sgml b/en_US.ISO8859-1/books/handbook/book.sgml index 4b74e46c0e..e547408d67 100644 --- a/en_US.ISO8859-1/books/handbook/book.sgml +++ b/en_US.ISO8859-1/books/handbook/book.sgml 
@@ -20395,18 +20395,19 @@ AT&B2&W On your system, the programs tip and cu are probably executable only - by uucp and group dialer. You can use the group dialer to control who has access to your + by uucp and group + dialer. You can use the group dialer to control who has access to your modem or remote systems. Just add yourself to group dialer. Alternatively, you can let everyone on your system run - tip and cu by typing: + tip and cu by typing: &prompt.root; chmod 4511 /usr/bin/tip - You do not have to run + + + You do not have to run this command for cu, since cu is just a hard link to tip. @@ -20421,16 +20422,16 @@ AT&B2&W The Hayes driver is not smart enough to recognize some of the advanced features of newer modems--messages like - BUSY, NO - DIALTONE, or CONNECT - 115200 will just confuse it. You should turn those + BUSY, NO + DIALTONE, or CONNECT + 115200 will just confuse it. You should turn those messages off when you use tip (using - ATX0&W). + ATX0&W). Also, the dial timeout for tip is 60 seconds. Your modem should use something less, or else tip will think there is a communication problem. Try - ATS7=45&W. + ATS7=45&W. Actually, as shipped tip does not yet support it fully. The solution is to edit the file 
@@ -20450,32 +20451,36 @@ AT&B2&W id="direct-at"> How am I expected to enter these AT commands? - Make what is called a direct + Make what is called a direct entry in your /etc/remote file. For example, if your modem is hooked up to the first serial port, - /dev/cuaa0, then put in the following line: + /dev/cuaa0, then put in the following line: cuaa0:dv=/dev/cuaa0:br#19200:pa=none - Use the highest bps rate your modem supports in + + + Use the highest bps rate your modem supports in the br capability. Then, type tip cuaa0 and you will be connected to your modem. If there is no /dev/cuaa0 on your system, - do this: + do this: &prompt.root; cd /dev &prompt.root; MAKEDEV cuaa0 - + - Or use cu as root with the following command: + Or use cu as root with the following command: &prompt.root; cu -lline -sspeed - with line being the - serial port (e.g./dev/cuaa0) and speed being + + + line is the + serial port (e.g./dev/cuaa0) and speed is the speed (e.g.57600). When you are done entering the AT commands hit ~. to exit. 
@@ -20486,36 +20491,38 @@ cuaa0:dv=/dev/cuaa0:br#19200:pa=none The <literal>@</literal> sign for the pn capability does not work! - The @ sign in the phone number capability tells + The @ sign in the phone number capability tells tip to look in /etc/phones for a phone - number. But the @ sign is also a special character + number. But the @ sign is also a special character in capability files like /etc/remote. Escape - it with a backslash: + it with a backslash: pn=\@ - + How can I dial a phone number on the command line? - Put what is called a generic - entry in your /etc/remote file. For example: + Put what is called a generic + entry in your /etc/remote file. For example: tip115200|Dial any phone number at 115200 bps:\ :dv=/dev/cuaa0:br#115200:at=hayes:pa=none:du: tip57600|Dial any phone number at 57600 bps:\ :dv=/dev/cuaa0:br#57600:at=hayes:pa=none:du: - + - Then you can things like + Then you can things like: &prompt.root; tip -115200 5551234 - . If you prefer cu over tip, + + + If you prefer cu over tip, use a generic cu entry: @@ -20546,7 +20553,7 @@ cu115200|Use cu to dial any number at 115200bps:\ Rather than waiting until you are connected and typing CONNECT <host> each time, - use tip's cm capability. For + use tip's cm capability. For example, these entries in /etc/remote: @@ -20556,9 +20563,9 @@ muffin|muffin.deep13.com|Frank's machine:\ :cm=CONNECT muffin\n:tc=deep13: deep13:Gizmonics Institute terminal server:\ :dv=/dev/cua02:br#38400:at=hayes:du:pa=none:pn=5551234: - + - will let you type tip pain + will let you type tip pain or tip muffin to connect to the hosts pain or muffin; and tip deep13 to get to the terminal server. 
@@ -20573,24 +20580,24 @@ deep13:Gizmonics Institute terminal server:\ Make an entry for your university in /etc/remote and use @ for the - pn capability: + pn capability: big-university:\ :pn=\@:tc=dialout dialout:\ :dv=/dev/cuaa3:br#9600:at=courier:du:pa=none: - + Then, list the phone numbers for the university in - /etc/phones: + /etc/phones: big-university 5551111 big-university 5551112 big-university 5551113 big-university 5551114 - + tip will try each one in the listed order, then give up. If you want to keep retrying, run @@ -20608,23 +20615,20 @@ big-university 5551114 character with the ~s escape, which means set a variable. - Type ~sforce=<single-char> - followed by a newline. <single-char> is any single character. - If you leave out <single-char>, then the force + Type ~sforce=single-char + followed by a newline. single-char is any single character. + If you leave out single-char, then the force character is the nul character, which you can get by typing CTRL+2 - or CTRL+SPACE. A pretty good value for <single-char> is SHIFT+CTRL+6, which I + or CTRL+SPACE. A pretty good value for single-char is SHIFT+CTRL+6, which I have seen only used on some terminal servers. You can have the force character be whatever you want by specifying the following in your - $HOME/.tiprc file: + $HOME/.tiprc file: force=<single-char> - + @@ -20638,14 +20642,14 @@ force=<single-char> of these features. Here is a sample .tiprc file perfect for Emacs users who need - to type CTRL+2 and CTRL+A a lot: + to type CTRL+2 and CTRL+A a lot: force=^^ raisechar=^^ - The ^^ is SHIFT+CTRL+6. + The ^^ is SHIFT+CTRL+6. @@ -20656,7 +20660,7 @@ raisechar=^^ receive files with ~p (put) and ~t (take). These commands run cat and echo on the remote system to accept and - send files. The syntax is: + send files. The syntax is: ~p @@ -20668,7 +20672,7 @@ raisechar=^^ ~t remote-file local-file - + There is no error checking, so you probably should use another protocol, like zmodem. 
@@ -20683,7 +20687,7 @@ raisechar=^^ receiving them locally. To send files, start the receiving program on the remote end. - Then, type ~C sz <files> + Then, type ~C sz files to send them to the remote system. @@ -20697,7 +20701,7 @@ raisechar=^^ to provide other people with dialup connections to the Internet using FreeBSD, you have the option of using PPP or SLIP. Furthermore, two varieties of PPP are provided: user (sometimes - referred to as iijppp) and kernel. The + referred to as iijppp) and kernel. The procedures for configuring both types of PPP, and for setting up SLIP are described in this chapter. @@ -20711,15 +20715,15 @@ raisechar=^^ different about this new PPP that warrants its addition? To quote from the manual page: - +
This is a user process PPP software package. Normally, PPP - is implemented as a part of the kernel (e.g. as managed by pppd) + is implemented as a part of the kernel (e.g. as managed by pppd) and it is thus somewhat hard to debug and/or modify its behavior. However, in this implementation PPP is done as a user process with the help of the tunnel device driver (tun).
-
+ In essence, this means that rather than running a PPP daemon, the ppp program can be run as and when desired. No PPP interface @@ -20728,7 +20732,7 @@ raisechar=^^ From here on out, user ppp will be referred to simply as ppp unless a distinction needs to be made between it and any other PPP - client/server software such as pppd. Unless otherwise stated, all + client/server software such as pppd. Unless otherwise stated, all commands in this section should be executed as root. @@ -20745,7 +20749,7 @@ raisechar=^^ You are going to need the following information to hand: - + @@ -20761,25 +20765,25 @@ raisechar=^^ The IP address of your ISP's gateway. The gateway is the machine to which you will connect and will be set up as - your default route. If your + your default route. If your ISP hasn't given you this number, don't worry. We can make one up and your ISP's PPP server will tell us when we connect. This number is known from now on as - HISADDR. + HISADDR. Your ISP's netmask setting. Again, if your ISP hasn't given you this information, you can safely use a netmask of - 255.255.255.0. + 255.255.255.0. The IP addresses of one or more nameservers. Normally, you will be given two IP numbers. You - MUST have this information unless you run + must have this information unless you run your own nameserver. @@ -20788,12 +20792,12 @@ raisechar=^^ hostname then you will need this information too. If not, you will need to know from what range of IP addresses your allocated IP address will belong. If you haven't been given - this range, don't worry. You can configure PPP to accept any + this range, don't worry. You can configure ppp to accept any IP number (as explained later).
- + If you do not have any of the required information, contact your ISP and make sure they provide it to you. @@ -20810,15 +20814,15 @@ raisechar=^^ To check this, go to your kernel compile directory (/sys/i386/conf or /sys/pc98/conf) and examine your kernel - configuration file. It needs to have the line + configuration file. It needs to have the line pseudo-device tun 1 - in it somewhere. The stock GENERIC kernel + in it somewhere. The stock GENERIC kernel has this as standard, so if you have not installed a custom kernel - or you do not have a /sys directory, you do not have to change + or you do not have a /sys directory, you do not have to change anything. If your kernel configuration file does not have this line in @@ -20845,7 +20849,7 @@ tun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500 tun3: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 1500 - which in this case shows four tunnel devices, two of which are + This case shows four tunnel devices, two of which are currently configured and being used. If you have a kernel without the tun device, and you can not @@ -20863,7 +20867,7 @@ tun3: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 1500 Check the tun device Most users will only require one tun device (/dev/tun0). If you - have used more (i.e., a number other than 1 in the pseudo-device + have used more (i.e., a number other than 1 in the pseudo-device line in the kernel configuration file) then alter all references to tun0 below to reflect whichever device number you are using. 
@@ -20872,29 +20876,29 @@ tun3: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 1500 configured correctly is to re-make it. To do this, execute the following commands: - + &prompt.root; cd /dev &prompt.root; ./MAKEDEV tun0 - + If you require 16 tunnel devices in your kernel, you will need to create more than just tun0: - + &prompt.root; cd /dev &prompt.root; ./MAKEDEV tun15 - + Also, to confirm that the kernel is configured correctly, the following command should give the indicated output: - + &prompt.root; ifconfig tun0 tun0: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 1500 - + @@ -20905,7 +20909,7 @@ tun0: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 1500 into hostnames and vice versa. It can be configured to look for maps that describe IP to hostname mappings in one of two places. The first is a file called /etc/hosts - (man 5 hosts). The second is the + (man 5 hosts). The second is the Internet Domain Name Service (DNS), a distributed data base, the discussion of which is beyond the scope of this document. @@ -20915,14 +20919,13 @@ tun0: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 1500 The resolver is a set of system calls that do the name mappings, but you have to tell them where to find their information. You do this by first editing the file - /etc/host.conf. Do not call this file - /etc/hosts.conf (note the extra s) as the + /etc/host.conf. Do not call this file + /etc/hosts.conf (note the extra s) as the results can be confusing. - Edit the /etc/host.conf file + Edit the <filename>/etc/host.conf</filename> file This file should contain the following two lines: @@ -20931,7 +20934,7 @@ hosts bind - which instructs the resolver to first look in + These instructs the resolver to first look in the file /etc/hosts, and then to consult the DNS if the name was not found. 
@@ -20943,7 +20946,8 @@ bind This file should contain the IP addresses and names of machines on your network. At a bare minimum it should contain entries for the machine which will be running ppp. Assuming that - your machine is called foo.bar.com with the IP address 10.0.0.1, + your machine is called foo.bar.com + with the IP address 10.0.0.1, /etc/hosts should contain: @@ -20971,16 +20975,17 @@ bind line(s): -nameserver x.x.x.x -nameserver y.y.y.y -domain bar.com +nameserver x.x.x.x +nameserver y.y.y.y +domain bar.com - The x.x.x.x and y.y.y.y addresses are those given to you + The x.x.x.x and + y.y.y.y addresses are those given to you by your ISP. Add as many nameserver lines as your ISP provides. The domain line defaults to your hostname's - domain, and is probably unnecessary. Refer to the resolv.conf + domain, and is probably unnecessary. Refer to the resolv.conf manual page for details of other possible entries in this file. @@ -20988,15 +20993,15 @@ domain bar.com - PPP Configuration + <command>ppp</command> Configuration - Both user ppp and pppd (the kernel level implementation of + Both user ppp and pppd (the kernel level implementation of PPP) use configuration files located in the /etc/ppp directory. The sample configuration files provided are a good reference for user ppp, so don't delete them. - Configuring ppp requires that you edit a number of files, + Configuring ppp requires that you edit a number of files, depending on your requirements. What you put in them depends to some extent on whether your ISP allocates IP addresses statically (i.e., you get given one IP address, and always use that one) or @@ -21014,12 +21019,12 @@ domain bar.com to the example below. - Lines that end in a : start in the first column, all + Lines that end in a : start in the first column, all other lines should be indented as shown using spaces or tabs. - + 1 default: 2 set device /dev/cuaa0 
@@ -21030,13 +21035,15 @@ domain bar.com 7 set login "TIMEOUT 10 gin:-BREAK-gin: foo word: bar col: ppp" 8 set timeout 300 9 deny lqr -10 set ifaddr x.x.x.x y.y.y.y +10 set ifaddr x.x.x.x y.y.y.y 11 delete ALL 12 add 0 0 HISADDR - Do not include the line numbers, they are - just for reference in this discussion. + + + Do not include the line numbers, they are + just for reference in this discussion. + - Line 1: @@ -21049,8 +21056,8 @@ domain bar.com Identifies the device to which the modem is - connected. COM1: is /dev/cuaa0 and - COM2: is /dev/cuaa1. + connected. COM1: is /dev/cuaa0 and + COM2: is /dev/cuaa1. @@ -21066,7 +21073,7 @@ domain bar.com Line 4: - The dial string. User ppp uses an expect-send + The dial string. User PPP uses an expect-send syntax similar to the chat8 program. Refer to the manual page for information on the features of this language. @@ -21085,13 +21092,14 @@ domain bar.com Sets the phone number for this provider. Multiple - phone numbers may be specified using the : or | + phone numbers may be specified using the + : or | character as a separator. The difference between these spearators is described in the ppp manual page. To summarize, if you want to rotate through the numbers, - use the :. If you want to always attempt to dial + use the :. If you want to always attempt to dial the first number first and only use the other numbers if - the first number fails, use the |. Always quote the + the first number fails, use the |. Always quote the entire set of phone numbers as shown. @@ -21106,8 +21114,8 @@ domain bar.com J. Random Provider -login: foo -password: bar +login: foo +password: bar protocol: ppp 
@@ -21133,18 +21141,18 @@ protocol: ppp Line 9: - Ppp can be configured to exchange Link Quality + ppp can be configured to exchange Link Quality Report (LQR) packets. These packets describe how good - the physical link is. Ppp's LQR strategy is to close + the physical link is. ppp's LQR strategy is to close the connection when a number of these packets are missed. This is useful when you have a direct serial link to another machine and the DSR modem signal is not available to indicate that the line is up. When data saturates the line, LQR packets are sometimes - missed, causing ppp to close the connection + missed, causing ppp to close the connection prematurely. Refusing to negotiate lqr is sometimes prudent (if you are going through a modem) as it avoids - this whole mess. By default, ppp will not attempt to + this whole mess. By default, ppp will not attempt to negotiate LQR, but will accept LQR negotiation from the peer. @@ -21153,9 +21161,9 @@ protocol: ppp Line 10: - Sets the interface addresses. The string x.x.x.x + Sets the interface addresses. The string x.x.x.x should be replaced by the IP address that your provider - has allocated to you. The string y.y.y.y should be + has allocated to you. The string y.y.y.y should be replaced by the IP address that your ISP indicated for their gateway (the machine to which you connect). If your ISP hasn't given you a gateway address, use @@ -21164,7 +21172,7 @@ protocol: ppp an entry in /etc/ppp/ppp.linkup as per the instructions for . If this line is omitted, ppp cannot + IP addresses">. If this line is omitted, ppp cannot run in or mode. @@ -21175,7 +21183,7 @@ protocol: ppp Deletes all existing routing table entries for the acquired tun device. This should not normally be - necessary, but will make sure that PPP is starting with + necessary, but will make sure that ppp is starting with a clean bill of health. 
@@ -21184,16 +21192,16 @@ protocol: ppp Adds a default route to your ISPs gateway. The - special word HISADDR is replaced with + special word HISADDR is replaced with the gateway address specified on line 9. It is important that this line appears after line 9, otherwise - HISADDR will not yet be + HISADDR will not yet be initialized. - + It is not necessary to add an entry to ppp.linkup when you have a static IP @@ -21215,7 +21223,7 @@ protocol: ppp If your service provider does not assign static IP numbers, ppp can be configured to negotiate the local and remote addresses. This is done by guessing an - IP number and allowing ppp to set it up correctly using the IP + IP number and allowing ppp to set it up correctly using the IP Configuration Protocol (IPCP) after connecting. The ppp.conf configuration is the same as 10.0.0.1. Do not use 0.0.0.0/0 as the first argument to set ifaddr as it - prevents ppp from setting up an initial route in + prevents ppp from setting up an initial route in and mode. - + You will also need to create an entry in /etc/ppp/ppp.linkup. ppp.linkup is used after a connection has - been established. At this point, ppp will know what IP - addresses should really be used. + been established. At this point, ppp will know what IP + addresses should really be used. The following entry will delete the existing bogus routes, and create correct ones: 
@@ -21273,25 +21281,25 @@ set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 3 add 0 0 HISADDR - + Line 1: - On establishing a connection, ppp will look for an + On establishing a connection, ppp will look for an entry in ppp.linkup according to the following rules: First, try to match the same label as we used in ppp.conf. If that fails, look for an entry for the IP number of our gateway. This entry is a four-octet IP style label. If we still haven't found an entry, look for the - MYADDR entry. + MYADDR entry. Line 2: - This line tells ppp to delete all existing routes + This line tells ppp to delete all existing routes for the acquired tun interface (except the direct route entry). @@ -21300,15 +21308,15 @@ set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 Line 3: - This line tells ppp to add a default route that - points to HISADDR. - HISADDR will be replaced with the IP + This line tells ppp to add a default route that + points to HISADDR. + HISADDR will be replaced with the IP number of the gateway as negotiated in the IPCP. - + See the pmdemand entry in the files /etc/ppp/ppp.conf.sample and 
@@ -21318,29 +21326,29 @@ set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 - Receiving incoming calls with PPP + Receiving incoming calls with <command>ppp</command> - This section describes setting up ppp in a server + This section describes setting up ppp in a server role. When you configure ppp to receive incoming calls, you must decide whether you wish to - forward packets for just ppp + forward packets for just PPP connections, for all interfaces, or not at all. To forward for - just ppp connections, include the line + just PPP connections, include the line enable proxy - in your ppp.conf file. If you wish to - forward packets on all interfaces, use the + in your ppp.conf file. If you wish to + forward packets on all interfaces, use the gateway=YES - option in /etc/rc.conf (this file used + option in /etc/rc.conf (this file used to be called /etc/sysconfig). 
@@ -21351,31 +21359,31 @@ gateway=YES Dialup Services"> provides a good description on enabling dialup services using getty. - An alternative to getty is mgetty, a smarter version of getty designed with dialup lines in mind. + An alternative to getty is mgetty, a smarter version of getty designed with dialup lines in mind. - The advantages of using mgetty is that it actively + The advantages of using mgetty is that it actively talks to modems, meaning if port is turned off in /etc/ttys then your modem won't answer the phone. - Later versions of mgetty (from 0.99beta onwards) also + Later versions of mgetty (from 0.99beta onwards) also support the automatic detection of PPP streams, allowing your clients script-less access to your server. Refer to for more information on mgetty. + AutoPPP"> for more information on mgetty. PPP permissions - PPP must normally be run as user id 0. If however you - wish to allow ppp to run in server mode as a normal user by - executing ppp as described below, that user must be given - permission to run ppp by adding them to the network group in + ppp must normally be run as user id 0. If however you + wish to allow ppp to run in server mode as a normal user by + executing ppp as described below, that user must be given + permission to run ppp by adding them to the + network group in /etc/group. @@ -21414,7 +21422,7 @@ exec /usr/sbin/ppp -direct $IDENT You should use this script as the shell for all your dialup ppp users. This is an example from /etc/password for - a dialup PPP user with username pchilds. (remember don't + a dialup PPP user with username pchilds. (remember don't directly edit the password file, use vipw) @@ -21422,7 +21430,7 @@ pchilds:*:1011:300:Peter Childs PPP:/home/ppp:/etc/ppp/ppp-dialup Create a /home/ppp directory that is - world readable containing the following 0 byte files + world readable containing the following 0 byte files 
@@ -21430,7 +21438,7 @@ pchilds:*:1011:300:Peter Childs PPP:/home/ppp:/etc/ppp/ppp-dialup -r--r--r-- 1 root wheel 0 May 27 02:22 .rhosts - which prevents /etc/motd from being + which prevents /etc/motd from being displayed. @@ -21442,8 +21450,8 @@ pchilds:*:1011:300:Peter Childs PPP:/home/ppp:/etc/ppp/ppp-dialup and for each account with statically assigned IPs create a symbolic link to ppp-shell. - For example, if you have three dialup customers fred, sam, - and mary, that you route class C networks for, you would type + For example, if you have three dialup customers fred, sam, + and mary, that you route class C networks for, you would type the following: @@ -21454,7 +21462,7 @@ pchilds:*:1011:300:Peter Childs PPP:/home/ppp:/etc/ppp/ppp-dialup Each of these users dialup accounts should have their - shell set to the symbolic link created above. (ie. mary's + shell set to the symbolic link created above. (ie. mary's shell should be /etc/ppp/ppp-mary). @@ -21479,25 +21487,27 @@ ttyd1: set ifaddr 203.14.100.1 203.14.100.21 255.255.255.255 enable proxy - - Note the indenting is important. + + + The indenting is important. + The default: section is loaded for each session. For each dialup line enabled in /etc/ttys create an entry similar to the one for ttyd0: above. Each line - should get a unique IP from your pool of ip address for + should get a unique IP address from your pool of IP addresses for dynamic users. - Setting up ppp.conf for static-IP users + Setting up <filename>ppp.conf</filename> for static-IP users Along with the contents of the sample /etc/ppp/ppp.conf above you should add a section for each of the statically assigned dialup users. We - will continue with our fred, sam, and mary example. + will continue with our fred, sam, and mary example. fred: 
@@ -21530,24 +21540,24 @@ mary: - More on mgetty, AutoPPP, and MS extensions + More on <command>mgetty</command>, AutoPPP, and MS extensions - Mgetty and AutoPPP + <title><command>mgetty</command> and AutoPPP - Configuring and compiling mgetty with the AUTO_PPP - option enabled allows mgetty to detect the LCP phase of PPP + Configuring and compiling mgetty with the AUTO_PPP + option enabled allows mgetty to detect the LCP phase of PPP connections and automatically spawn off a ppp shell. However, since the default login/password sequence does not occur it is necessary to authenticate users using either PAP or CHAP. This section assumes the user has successfully - configured, compiled, and installed a version of mgetty with - the AUTO_PPP option (v0.99beta or later) + configured, compiled, and installed a version of mgetty with + the AUTO_PPP option (v0.99beta or later) Make sure your /usr/local/etc/mgetty+sendfax/login.config file has the following in it: @@ -21556,7 +21566,7 @@ mary: /AutoPPP/ - - /etc/ppp/ppp-pap-dialup - This will tell mgetty to run the + This will tell mgetty to run the ppp-pap-dialup script for detected PPP connections. @@ -21600,11 +21610,10 @@ enable passwdauth option to authenticate users via pap from the - /etc/passwordd file. (*) - - (*) Note this option only available in 2.2-961014-SNAP + /etc/passwordd file(*) Note this option only available in 2.2-961014-SNAP or later, or by getting the updated ppp code for 2.1.x. (see MS extensions below for details) + . @@ -21644,7 +21653,7 @@ default: Some ISPs set their system up so that the authentication part of your connection is done using either of the PAP or CHAP authentication mechanisms. If this is the case, your ISP will - not give a login: prompt when you + not give a login: prompt when you connect, but will start talking PPP immediately. PAP is less secure than CHAP, but security is not normally 
@@ -21661,15 +21670,15 @@ default: 7 set login … -13 set authname MyUserName -14 set authkey MyPassword +13 set authname MyUserName +14 set authkey MyPassword As always, do not include the line numbers, they are just for reference in this discussion. Indentation of at least one space is required. - + Line 7: @@ -21683,8 +21692,7 @@ default: This line specifies your PAP/CHAP user name. You - will need to insert the correct value for MyUserName. + will need to insert the correct value for MyUserName. @@ -21693,12 +21701,13 @@ default: This line specifies your PAP/CHAP password. You - will need to insert the correct value for MyPassword. You may want to add an + will need to insert the correct value for MyPassword. You may want to add an additional line + 15 accept PAP or + 15 accept CHAP to make it obvious that this is the @@ -21708,10 +21717,10 @@ default: - + - Your authkey will be logged + Your authkey will be logged if you have command logging turned on (set log +command). Care should be taken when deciding the ppp log file permissions. @@ -21719,15 +21728,14 @@ default: - Changing your ppp configuration on the fly + Changing your <command>ppp</command> configuration on the fly - It is possible to talk to the ppp program while it is + It is possible to talk to the ppp program while it is running in the background, but only if a suitable password has been set up. By default, ppp will listen to a TCP port of 3000 + - tunno, where tunno is the number of the tun device + tunno, where tunno is the number of the tun device acquired, however, if a password for the local machine is not set up in /etc/ppp/ppp.secret, no server connection will be created. To set your password, put the 
@@ -21735,19 +21743,19 @@ default: /etc/ppp/ppp.secret: -foo MyPassword +foo MyPassword - where foo is your local + foo is your local hostname (run hostname -s to determine the - correct name), and MyPassword is + correct name), and MyPassword is the unencrypted password that you wish to use. /etc/ppp/ppp.secret should - NOT be accessable by anyone without user id - 0. This means that /, + not be accessable by anyone without user id + 0. This means that /, /etc and /etc/ppp should not be writable, and ppp.secret - should be owned by user id 0 and have permissions 0600. + should be owned by user id 0 and have permissions 0600. It is also possible to select a specific port number or to have ppp listen to a local unix domain socket rather than to a @@ -21767,7 +21775,7 @@ foo MyPassword Final system configuration - You now have PPP configured, but there are a few more things + You now have ppp configured, but there are a few more things to do before it is ready to work. They all involve editing the /etc/rc.conf file (was /etc/sysconfig). @@ -21783,16 +21791,16 @@ hostname=foo.bar.com name, it's probably best that you use this name as your host name. - Look for the network_interfaces variable. If you want to + Look for the network_interfaces variable. If you want to configure your system to dial your ISP on demand, make sure the - tun0 device is added to the list, otherwise remove it. + tun0 device is added to the list, otherwise remove it. network_interfaces="lo0 tun0" ifconfig_tun0= - The ifconfig_tun0 variable should be empty, + The ifconfig_tun0 variable should be empty, and a file called /etc/start_if.tun0 should be created. This file should contain the line 
@@ -21816,11 +21824,11 @@ router=NO (/etc/sysconfig) It is important that the routed daemon is not started (it's started by default) as routed tends to delete the default routing - table entries created by ppp. + table entries created by ppp. It is probably worth your while ensuring that the sendmail_flags line does not include the option, - otherwise sendmail will attempt to do a network lookup every now + otherwise sendmail will attempt to do a network lookup every now and then, possibly causing your machine to dial out. You may try: @@ -21828,7 +21836,7 @@ router=NO (/etc/sysconfig) sendmail_flags="-bd" - The upshot of this is that you must force sendmail to + The upshot of this is that you must force sendmail to re-examine the mail queue whenever the ppp link is up by typing: @@ -21847,7 +21855,7 @@ sendmail_flags="-bd" 4 !bg sendmail -bd -q30m - If you don't like this, it is possible to set up a "dfilter" + If you don't like this, it is possible to set up a dfilter to block SMTP traffic. Refer to the sample files for further details. @@ -21860,7 +21868,7 @@ sendmail_flags="-bd" and then dial provider to start the PPP session, or, if - you want ppp to establish sessions automatically when there is + you want ppp to establish sessions automatically when there is outbound traffic (and you haven't created the start_if.tun0 script), type 
@@ -21878,83 +21886,84 @@ sendmail_flags="-bd" Client side: - - + + - - Ensure that the tun device is built into your + + Ensure that the tun device is built into your kernel. - + - - Ensure that the tunX device file is + + Ensure that the tunX device file is available in the /dev directory. - + - + Create an entry in /etc/ppp/ppp.conf. The pmdemand example should suffice for most ISPs. - + - + If you have a dynamic IP address, create an entry in /etc/ppp/ppp.linkup. - + - + Update your /etc/rc.conf (or sysconfig) file. - + - + Create a start_if.tun0 script if you require demand dialing. - + - - + - Server side: - + + Server side: + + - - Ensure that the tun device is built into your + + Ensure that the tun device is built into your kernel. - + - - Ensure that the tunX device file is + + Ensure that the tunX device file is available in the /dev directory. - + - + Create an entry in /etc/passwd (using the vipw8 program). - + - + Create a profile in this users home directory that runs ppp -direct direct-server or similar. - + - + Create an entry in /etc/ppp/ppp.conf. The direct-server example should suffice. - + - + Create an entry in /etc/ppp/ppp.linkup. - + - + Update your /etc/rc.conf (or sysconfig) file. - + - + 
@@ -21984,29 +21993,32 @@ sendmail_flags="-bd" Contributed by &a.gena;. Before you start setting up PPP on your machine make sure that - pppd is located in /usr/sbin and directory + pppd is located in /usr/sbin and directory /etc/ppp exists. - pppd can work in two modes: + pppd can work in two modes: + - as a client , i.e. you want to connect your machine to + as a client, i.e. you want to connect your machine to outside world via PPP serial connection or modem line. - as a server , i.e. your machine is located on the + as a server, i.e. your machine is located on the network and used to connect other computers using PPP. - In both cases you will need to set up an options file + + + In both cases you will need to set up an options file (/etc/ppp/options or ~/.ppprc if you have more then one user on your machine that uses PPP). - You also will need some modem/serial software ( preferably - kermit ) so you can dial and establish connection with remote + You also will need some modem/serial software (preferably + kermit) so you can dial and establish connection with remote host. 
@@ -22034,30 +22046,31 @@ defaultroute # put this if you want that PPP server will be your # default router - To connect: - + To connect: + + - - Dial to the remote host using kermit ( or other modem - program ) enter your user name and password ( or whatever is - needed to enable PPP on the remote host ) - + + Dial to the remote host using kermit (or other modem + program) enter your user name and password (or whatever is + needed to enable PPP on the remote host) + - - Exit kermit. ( without hanging up the line ) - + + Exit kermit (without hanging up the line). + - - enter: + + enter: - &prompt.root; /usr/src/usr.sbin/pppd.new/pppd /dev/tty01 19200 - ( put the appropriate - speed and device name ) - + &prompt.root; /usr/src/usr.sbin/pppd.new/pppd /dev/tty01 19200 + + + Use the appropriate speed and device name. + - - + Now your computer is connected with PPP. If the connection fails for some reasons you can add the option to the @@ -22065,7 +22078,7 @@ defaultroute # put this if you want that PPP server will be your the console to track the problem Following /etc/ppp/pppup script will make - all 3 stages automatically: + all 3 stages automatically: #!/bin/sh @@ -22087,15 +22100,15 @@ ifconfig ppp0 delete kermit -y /etc/ppp/kermit.dial pppd /dev/tty01 19200 - + /etc/ppp/kermit.dial is kermit script that dials and makes all necessary authorization on the remote - host. ( Example of such script is attached to the end of this - document ) + host. (Example of such script is attached to the end of this + document) Use the following /etc/ppp/pppdown script - to disconnect the PPP line: + to disconnect the PPP line: #!/bin/sh @@ -22116,10 +22129,10 @@ fi /sbin/ifconfig ppp0 delete kermit -y /etc/ppp/kermit.hup /etc/ppp/ppptest - + Check if PPP is still running - (/usr/etc/ppp/ppptest): + (/usr/etc/ppp/ppptest): #!/bin/sh 
@@ -22132,10 +22145,10 @@ fi set -x netstat -n -I ppp0 ifconfig ppp0 - + Hangs up modem line - (/etc/ppp/kermit.hup): + (/etc/ppp/kermit.hup): set line /dev/tty01 ; put your modem device here @@ -22156,7 +22169,7 @@ inp 5 OK out ATH0\13 echo \13 exit - + Here is an alternate method using chat instead of kermit. @@ -22165,7 +22178,7 @@ exit The following two files are sufficient to accomplish a pppd connection. - /etc/ppp/options: + /etc/ppp/options: /dev/cuaa1 115200 @@ -22186,7 +22199,7 @@ domain <your.domain> # put your domain name here defaultroute # put this if you want that PPP server will be # your default router - + /etc/ppp/login.chat.script: @@ -22205,17 +22218,17 @@ ABORT BUSY ABORT 'NO CARRIER' "" AT OK ATDT<phone.number> &prompt.root; pppd - This sample based primarily on information provided + This sample based primarily on information provided by: Trev Roydhouse <Trev.Roydhouse@f401.n711.z3.fidonet.org> and used by - permission. + permission. Working as a PPP server - /etc/ppp/options: + /etc/ppp/options: crtscts # Hardware flow control @@ -22229,10 +22242,10 @@ netmask 255.255.255.0 # netmask ( not required ) domain ppp.foo.com # your domain passive # wait for LCP modem # modem line - + Following /etc/ppp/pppserv script will - enable ppp server on your machine + enable ppp server on your machine: #!/bin/sh @@ -22258,10 +22271,10 @@ kermit -y /etc/ppp/kermit.ans # run ppp pppd /dev/tty01 19200 - + Use this /etc/ppp/pppservdown script to - stop ppp server: + stop ppp server: #!/bin/sh @@ -22281,10 +22294,10 @@ ifconfig ppp0 down ifconfig ppp0 delete kermit -y /etc/ppp/kermit.noans - + Following kermit script will enable/disable autoanswer mode - on your modem (/etc/ppp/kermit.ans): + on your modem (/etc/ppp/kermit.ans): set line /dev/tty01 
@@ -22310,13 +22323,13 @@ out ATS0=1\13 ; change this to out ATS0=0\13 if you want to disable inp 5 OK echo \13 exit - + This /etc/ppp/kermit.dial script is used for dialing and authorizing on remote host. You will need to customize it for your needs. Put your login and password in this - script , also you will need to change input statement depending on - responses from your modem and remote host. + script, also you will need to change input statement depending on + responses from your modem and remote host. ; @@ -22433,7 +22446,7 @@ exit 1 ; comment-start: "; " ; comment-start-skip: "; " ; end: - + @@ -22451,15 +22464,15 @@ exit 1 something much fancier. First, determine which serial port your modem is connected to. I - have a symbolic link /dev/modem -> - cuaa1, and only use the modem name in my configuration + have a symbolic link to /dev/modem from + /dev/cuaa1, and only use the modem name in my configuration files. It can become quite cumbersome when you need to fix a bunch of files in /etc and .kermrc's all over the system! - /dev/cuaa0 is COM1, - cuaa1 is COM2, etc. + /dev/cuaa0 is COM1, + cuaa1 is COM2, etc. Make sure you have @@ -22474,13 +22487,13 @@ pseudo-device sl 1 Things you have to do only once - - + + - + Add your home machine, the gateway and nameservers to your /etc/hosts file. Mine looks like - this: + this: 127.0.0.1 localhost loghost @@ -22488,18 +22501,20 @@ pseudo-device sl 1 136.152.64.1 inr-3.Berkeley.EDU inr-3 slip-gateway 128.32.136.9 ns1.Berkeley.edu ns1 128.32.136.12 ns2.Berkeley.edu ns2 - By the way, silvia is + + + By the way, silvia is the name of the car that I had when I was back in Japan (it is called 2?0SX here in U.S.). - + - + Make sure you have before in your /etc/host.conf. Otherwise, funny things may happen. - + - + Edit the file /etc/rc.conf. Note that you should edit the file /etc/sysconfig instead if you are @@ -22545,9 +22560,9 @@ defaultrouter=slip-gateway - + - + Make a file /etc/resolv.conf which contains: 
@@ -22559,32 +22574,32 @@ nameserver 128.32.136.12 you can see, these set up the nameserver hosts. Of course, the actual domain names and addresses depend on your environment. - + - + Set the password for root and toor (and any other accounts that does not have a password). Use passwd, do not edit the /etc/passwd or /etc/master.passwd files! - + - + Reboot your machine and make sure it comes up with the correct hostname. - + - - + + Making a SLIP connection - - + + - + Dial up, type slip at the prompt, enter your machine name and password. The things you need to enter depends on your environment. I use kermit, with a script like this: @@ -22614,22 +22629,24 @@ output ***\x0d, echo \x0aCONNECTED\x0a filesystem is generally a BAD idea. Do it at your own risk. I am just too lazy. - + - + Leave the kermit there (you can suspend it by z) and - as root, type + as root, type: &prompt.root; slattach -h -c -s 115200 /dev/modem - if you are able to ping hosts + + + If you are able to ping hosts on the other side of the router, you are connected! If it does not work, you might want to try instead of as an argument to slattach. - + - - + + @@ -22659,7 +22676,8 @@ output ***\x0d, echo \x0aCONNECTED\x0a Troubleshooting If it does not work, feel free to ask me. The things that - people tripped over so far: + people tripped over so far: + @@ -22707,8 +22725,6 @@ silvia.HIP.Berke localhost.Berkeley UGH 34 47641234 lo0 - 0.438 - - @@ -22770,9 +22786,8 @@ silvia.HIP.Berke localhost.Berkeley UGH 34 47641234 lo0 - 0.438 getty8, & init8 for information relevant to configuring the system to accept logins on modems, and perhaps stty1 for information on - setting serial port parameters [such as clocal for directly-connected serial - interfaces]. + setting serial port parameters (such as clocal for directly-connected serial + interfaces). 
@@ -22804,7 +22819,7 @@ silvia.HIP.Berke localhost.Berkeley UGH 34 47641234 lo0 - 0.438 Shelmerg:password:1964:89::0:0:Guy Helmer - SLIP:/usr/users/Shelmerg:/usr/sbin/sliplogin - and, when Shelmerg logs in, + When Shelmerg logs in, sliplogin will search /etc/sliphome/slip.hosts for a line that had a matching user ID; for example, there may be a line in @@ -22830,11 +22845,12 @@ Shelmerg dc-slip sl-helmer 0xfffffc00 autocomp which sliplogin attached itself (slip interface 0, in the above example, which was the first parameter in the list given to slip.login) - to set the local IP address (dc-slip), remote IP address (sl-helmer), network mask for the SLIP - interface (0xfffffc00), and any additional + to set the local IP address (dc-slip), remote + IP address (sl-helmer), network mask for the SLIP + interface (0xfffffc00), and any additional flags (autocomp). If something goes wrong, sliplogin usually logs - good informational messages via the daemon syslog facility, + good informational messages via the daemon syslog facility, which usually goes into /var/log/messages (see the manual pages for syslogd8 and syslog.conf5, and perhaps check @@ -22851,8 +22867,8 @@ Shelmerg dc-slip sl-helmer 0xfffffc00 autocomp Kernel Configuration FreeBSD's default kernels usually come with two SLIP - interfaces defined (sl0 and - sl1); you can use netstat -i to see whether these interfaces + interfaces defined (sl0 and + sl1); you can use netstat -i to see whether these interfaces are defined in your kernel. Sample output from netstat -i: @@ -22882,8 +22898,7 @@ sl1* 296 <Link> 0 0 0 0 you want your FreeBSD SLIP Server to act as a router, you will have to edit the /etc/rc.conf file (called /etc/sysconfig in FreeBSD releases prior to - 2.2.2) and change the setting of the gateway variable to . + 2.2.2) and change the setting of the gateway variable to . If you have an older system which predates even the /etc/sysconfig file, then add the following command: 
@@ -22904,7 +22919,7 @@ sysctl -w net.inet.ip.forwarding = 1 pseudo-device sl 2 - which is the line that defines the number of SLIP devices + This is the line that defines the number of SLIP devices available in the kernel; the number at the end of the line is the maximum number of SLIP connections that may be operating simultaneously. @@ -22937,7 +22952,7 @@ pseudo-device sl 2 /etc/sliphome/slip.hosts contains lines which have at least four items, separated by whitespace: - + @@ -22958,7 +22973,7 @@ pseudo-device sl 2 - + The local and remote addresses may be host names (resolved to IP addresses by /etc/hosts or by the @@ -22979,39 +22994,38 @@ Shelmerg dc-slip sl-helmerg 0xfffffc00 autocomp At the end of the line is one or more of the options. - + - normal - no header + - no header compression - compress - compress + - compress headers - autocomp - compress + - compress headers if the remote end allows it - noicmp - disable ICMP + - disable ICMP packets (so any ping packets will be dropped instead of using up your bandwidth) - + Note that sliplogin under early releases of FreeBSD 2 ignored the options that FreeBSD 1.x - recognized, so the options normal, - compress, autocomp, and noicmp had no effect until support was + recognized, so the options , + , , and + had no effect until support was added in FreeBSD 2.2 (unless your slip.login script included code to make use of the flags). @@ -23066,7 +23080,7 @@ Shelmerg dc-slip sl-helmerg 0xfffffc00 autocomp /sbin/ifconfig sl$1 inet $4 $5 netmask $6 - This slip.login file merely ifconfig's + This slip.login file merely ifconfig's the appropriate SLIP interface with the local and remote addresses and network mask of the SLIP interface. 
@@ -23111,7 +23125,7 @@ Shelmerg dc-slip sl-helmerg 0xfffffc00 autocomp - which indicates that this particular system's Ethernet MAC + This indicates that this particular system's Ethernet MAC address is 00:02:c1:28:5f:4a -- the periods in the Ethernet MAC address given by netstat -i must be changed to colons and @@ -23216,7 +23230,7 @@ Shelmerg dc-slip sl-helmerg 0xfffffc00 autocomp - Running gated + Running <command>gated</command> An alternative to the headaches of static routes is to install gated on your FreeBSD SLIP @@ -23255,7 +23269,7 @@ kernel { export proto rip interface ed { proto direct { - xxx.xxx.yy mask 255.255.252.0 metric 1; # SLIP connections + xxx.xxx.yy mask 255.255.252.0 metric 1; # SLIP connections } ; } ; @@ -23269,15 +23283,15 @@ import proto rip interface ed { The above sample gated.conf file broadcasts routing information regarding the SLIP subnet - xxx.xxx.yy via RIP onto the + xxx.xxx.yy via RIP onto the Ethernet; if you are using a different Ethernet driver than the - ed driver, you will need to change - the references to the ed interface + ed driver, you will need to change + the references to the ed interface appropriately. This sample file also sets up tracing to /var/tmp/gated.output for debugging gated's activity; you can certainly turn off the tracing options if gated works OK for you. You will need to - change the xxx.xxx.yy's into the + change the xxx.xxx.yy's into the network address of your own SLIP subnet (be sure to change the net mask in the proto direct clause as well). @@ -23298,7 +23312,7 @@ import proto rip interface ed { Thanks to these people for comments and advice regarding this tutorial: - + &a.wilko; @@ -23309,12 +23323,12 @@ import proto rip interface ed { Piero Serini - <Piero@Strider.Inet.IT> + Piero@Strider.Inet.IT - + 
@@ -23334,8 +23348,7 @@ import proto rip interface ed { For one machine to be able to find another, there must be a mechanism in place to describe how to get from one to the other. This is called Routing. A route is a defined pair of addresses: - a destination and a gateway. The pair indicates that if you are + a destination and a gateway. The pair indicates that if you are trying to get to this destination, send along through this gateway. There are three types of destinations: individual hosts, subnets, and default. The @@ -23369,18 +23382,18 @@ host2.foobar.com link#1 UC 0 0 The first two lines specify the default route (which we will cover in the next section) and the localhost route. - The interface (Netif column) - that it specifies to use for localhost is lo0, also known as the loopback device. This + The interface (Netif column) + that it specifies to use for localhost is + lo0, also known as the loopback device. This says to keep all traffic for this destination internal, rather than sending it out over the LAN, since it will only end up back where it started anyway. The next thing that stands out are the 0:e0:... addresses. These are ethernet hardware addresses. FreeBSD will automatically identify any hosts - (test0 in the example) on the local + (test0 in the example) on the local ethernet and add a route for that host, directly to it over the - ethernet interface, ed0. There is + ethernet interface, ed0. There is also a timeout (Expire column) associated with this type of route, which is used if we fail to hear from the host in a specific amount of time. In this case the 
@@ -23406,13 +23419,13 @@ host2.foobar.com link#1 UC 0 0 The host1 line refers to our host, which it knows by ethernet address. Since we are the sending host, FreeBSD knows to use the loopback interface - (lo0) rather than sending it out + (lo0) rather than sending it out over the ethernet interface. The two host2 lines are an example of what happens when we use an ifconfig alias (see the section of ethernet for reasons why we would do this). The - => symbol after the lo0 interface says that not only are we + => symbol after the lo0 interface says that not only are we using the loopback (since this is address also refers to the local host), but specifically it is an alias. Such routes only show up on the host that supports the alias; all other hosts on the local 
@@ -23426,69 +23439,58 @@ host2.foobar.com link#1 UC 0 0 that are described in the column. Below is a short table of some of these flags and their meanings: - - - U - - Up: The route is - active. - - - - H + + + + + + U + Up: The route is active. + - - Host: The route - destination is a single host. - - + + H + Host: The route destination is a single host. + - G - - - Gateway: Send anything + + G + Gateway: Send anything for this destination on to this remote system, which will - figure out from there where to send it. - - + figure out from there where to send it. + - S - - - Static: This route was + + S + Static: This route was configured manually, not automatically generated by the - system. - - + system. + - C - - - Clone: Generates a new + + C + Clone: Generates a new route based upon this route for machines we connect to. This type of route is normally used for local - networks. - - + networks. + - W - - - WasCloned Indicated a + + W + WasCloned: Indicated a route that was auto-configured based upon a local area - network (Clone) route. - - + network (Clone) route. + - L - - - Link: Route involves - references to ethernet hardware. - - - - + + L + Link: Route involves + references to ethernet hardware. + + + + + @@ -23502,7 +23504,7 @@ host2.foobar.com link#1 UC 0 0 connect along that interface. If all known paths fail, the system has one last option: the - default route. This route is a + default route. This route is a special type of gateway route (usually the only one present in the system), and is always marked with a c in the flags field. For hosts on a local area network, this gateway is set to whatever machine has a 
@@ -23688,21 +23690,21 @@ Local1 (10.20.30.1, 10.9.9.30) --> T1-GW (10.9.9.1) Though the correct solution is to get a higher performance and capacity Ethernet adapter for the FreeBSD system, there is a simple workaround that will allow satisfactory operation. If the FreeBSD - system is the SERVER, include the option on the mount from - the client. If the FreeBSD system is the CLIENT, then mount the NFS + system is the server, include the option on the mount from + the client. If the FreeBSD system is the client, then mount the NFS file system with the option . These options may be - specified using the fourth field of the fstab entry on the client + specified using the fourth field of the fstab entry on the client for automatic mounts, or by using the parameter of the mount command for manual mounts. It should be noted that there is a different problem, sometimes mistaken for this one, when the NFS servers and clients are on - different networks. If that is the case, make CERTAIN that your + different networks. If that is the case, make certain that your routers are routing the necessary UDP information, or you will not get anywhere, no matter what else you are doing. - In the following examples, "fastws" is the host (interface) name - of a high-performance workstation, and "freebox" is the host + In the following examples, fastws is the host (interface) name + of a high-performance workstation, and freebox is the host (interface) name of a FreeBSD system with a lower-performance Ethernet adapter. Also, /sharedfs will be the exported NFS filesystem (see man exports), and /project will be the mount 
@@ -23710,27 +23712,27 @@ Local1 (10.20.30.1, 10.9.9.30) --> T1-GW (10.9.9.1) note that additional options, such as or and may be desirable in your application. - Examples for the FreeBSD system ("freebox") as the client: in + Examples for the FreeBSD system (freebox) as the client: in /etc/fstab on freebox: fastws:/sharedfs /project nfs rw,-r=1024 0 0 - as a manual mount command on freebox: + as a manual mount command on freebox: &prompt.root; mount -t nfs -o -r=1024 fastws:/sharedfs /project Examples for the FreeBSD system as the server: in - /etc/fstab on fastws: + /etc/fstab on fastws: freebox:/sharedfs /project nfs rw,-w=1024 0 0 - as a manual mount command on fastws: + as a manual mount command on fastws: &prompt.root; mount -t nfs -o -w=1024 freebox:/sharedfs /project @@ -23745,7 +23747,7 @@ freebox:/sharedfs /project nfs rw,-w=1024 0 0 smaller sizes). Since the maximum Ethernet packet is around 1500 bytes, the NFS block gets split into multiple Ethernet packets, even though it is still a single unit to the upper-level code, and - must be received, assembled, and ACKNOWLEDGED as a unit. The + must be received, assembled, and acknowledged as a unit. The high-performance workstations can pump out the packets which comprise the NFS unit one right after the other, just as close together as the standard allows. On the smaller, lower capacity @@ -23763,7 +23765,7 @@ freebox:/sharedfs /project nfs rw,-w=1024 0 0 Overruns may still occur when a high-performance workstations is slamming data out to a PC system, but with the better cards, such - overruns are not guaranteed on NFS "units". When an overrun occurs, + overruns are not guaranteed on NFS units. When an overrun occurs, the units affected will be retransmitted, and there will be a fair chance that they will be received, assembled, and acknowledged. 
@@ -23775,7 +23777,7 @@ freebox:/sharedfs /project nfs rw,-w=1024 0 0 Contributed by &a.martin;. - netboot.com/netboot.rom allow you to boot + netboot.com/netboot.rom allow you to boot your FreeBSD machine over the network and run FreeBSD without having a disk on your client. Under 2.0 it is now possible to have local swap. Swapping over NFS is also still supported. @@ -23788,14 +23790,15 @@ freebox:/sharedfs /project nfs rw,-w=1024 0 0 Setup Instructions - - + + - + Find a machine that will be your server. This machine will require enough disk space to hold the FreeBSD 2.0 binaries and have bootp, tftp and NFS services available. - Tested machines: + Tested machines: + @@ -23811,11 +23814,11 @@ freebox:/sharedfs /project nfs rw,-w=1024 0 0 - + - + Set up a bootp server to provide the client with IP, - gateway, netmask. + gateway, netmask. diskless:\ 
@@ -23827,88 +23830,155 @@ diskless:\ :ip=192.1.2.4:\ :gw=192.1.2.5:\ :vm=rfc1048: - - + + - + Set up a TFTP server (on same machine as bootp server) to provide booting information to client. The name of this - file is cfg.X.X.X.X (or - /tftpboot/cfg.X.X.X.X, it will try - both) where X.X.X.X is the IP address + file is cfg.X.X.X.X (or + /tftpboot/cfg.X.X.X.X, it will try + both) where X.X.X.X is the IP address of the client. The contents of this file can be any valid netboot commands. Under 2.0, netboot has the following - commands: + commands: - -help - print help list -ip <X.X.X.X> - print/set client's IP address -server <X.X.X.X> - print/set bootp/tftp server address -netmask <X.X.X.X> - print/set netmask -hostname <name> - print/set hostname -kernel <name> - print/set kernel name -rootfs <ip:/fs> - print/set root filesystem -swapfs <ip:/fs> - print/set swap filesystem -swapsize <size> - set diskless swapsize in Kbytes -diskboot - boot from disk -autoboot - continue boot process -trans <on|off> - turn transceiver on|off -flags [bcdhsv] - set boot flags - A typical completely diskless cfg file - might contain: + + + + + help + print help list + + + + ip + print/set client's IP address + + + + server + print/set bootp/tftp server address + + + + netmask + print/set netmask + + + + hostname name + print/set hostname + + + + kernel + print/set kernel name + + + + rootfs + print/set root filesystem + + + + swapfs + print/set swap filesystem + + + + swapsize + set diskless swapsize in Kbytes + + + + diskboot + boot from disk + + + + autoboot + continue boot process + + + + trans + | + turn transceiver on|off + + + + flags + + set boot flags + + + + + + A typical completely diskless cfg file + might contain: rootfs 192.1.2.3:/rootfs/myclient swapfs 192.1.2.3:/swapfs swapsize 20000 hostname myclient.mydomain - A cfg file for a machine with local swap - might contain: + + + A cfg file for a machine with local swap + might contain: rootfs 192.1.2.3:/rootfs/myclient 
hostname myclient.mydomain - - + + - + Ensure that your NFS server has exported the root (and swap if applicable) filesystems to your client, and that the client has root access to these filesystems A typical /etc/exports file on FreeBSD might look - like: + like: /rootfs/myclient -maproot=0:0 myclient.mydomain /swapfs -maproot=0:0 myclient.mydomain - And on HP-UX: + + + And on HP-UX: /rootfs/myclient -root=myclient.mydomain /swapfs -root=myclient.mydomain - - + + - + If you are swapping over NFS (completely diskless configuration) create a swap file for your client using dd. If your swapfs command has the arguments /swapfs and the size 20000 as in the example above, the swapfile for myclient will be called - /swapfs/swap.X.X.X.X where - X.X.X.X is the client's IP addr, eg: + /swapfs/swap.X.X.X.X where + X.X.X.X is the client's IP addr, eg: + &prompt.root; dd if=/dev/zero of=/swapfs/swap.192.1.2.4 bs=1k count=20000 - Also, the client's swap space might + + + Also, the client's swap space might contain sensitive information once swapping starts, so make sure to restrict read and write access to this file to - prevent unauthorized access: + prevent unauthorized access: + &prompt.root; chmod 0600 /swapfs/swap.192.1.2.4 - - + + - + Unpack the root filesystem in the directory the client will use for its root filesystem (/rootfs/myclient in the example @@ -23937,16 +24007,16 @@ hostname myclient.mydomain - + - - Run netboot.com on the client or + + Run netboot.com on the client or make an EPROM from the netboot.rom file - + - - + + @@ -23984,7 +24054,8 @@ hostname myclient.mydomain is Dan Kegel's ISDN Page. - A quick simple roadmap to ISDN follows: + A quick simple roadmap to ISDN follows: + @@ -24007,7 +24078,6 @@ hostname myclient.mydomain - Cost is a significant factor in determining what solution you will choose. The following options are listed from least expensive 
@@ -24042,7 +24112,8 @@ hostname myclient.mydomain source can be found on the above mentioned ftp server under directory isdn as file bisdn-097.tar.gz. - There are drivers for the following cards: + There are drivers for the following cards: + @@ -24055,13 +24126,12 @@ hostname myclient.mydomain - There are several limitations with the bisdn stuff. Specifically the following features usually associated with ISDN are not supported. - + @@ -24086,13 +24156,16 @@ hostname myclient.mydomain - + A majordomo maintained mailing list is available. To join the list, send mail to &a.majordomo; and specify: + subscribe freebsd-isdn - In the body + + + in the body of your message. @@ -24218,7 +24291,8 @@ subscribe freebsd-isdn network to a head office network the following setup could be used. - Branch office or Home network + + Branch office or Home network Network is 10 Base T Ethernet. Connect router to network cable with AUI/10BT transceiver, if necessary. @@ -24239,10 +24313,12 @@ ISDN BRI line If your home/branch office is only one computer you can use a twisted pair crossover cable to connect to the standalone router directly. + - Head office or other lan + + Head office or other lan - Network is Twisted Pair Ethernet. + Network is Twisted Pair Ethernet. @@ -24257,11 +24333,12 @@ ISDN BRI line |___---Standalone router | ISDN BRI line - + + One large advantage of most routers/bridges is that they allow - you to have 2 SEPARATE INDEPENDENT PPP connections to 2 separate - sites at the SAME time. This is not supported on most TA's, + you to have 2 separate independent PPP connections to 2 separate + sites at the same time. This is not supported on most TA's, except for specific(expensive) models that have two serial ports. Do not confuse this with channel bonding, MPP etc. 
@@ -24295,16 +24372,14 @@ ISDN BRI line Some parts of E-Mail configuration are controlled in the Domain Name System (DNS). If you are going to run your own own DNS server - check out /etc/namedb - and ' man -k named - ' for more information. + check out /etc/namedb and man -k named for more information. Basic Information These are the major programs involved in an E-Mail exchange. A - mailhost is a server that is + mailhost is a server that is responsible for delivering and receiving all email for your host, and possibly your network. @@ -24312,10 +24387,10 @@ ISDN BRI line User program - This is a program like elm, pine, - mail , or something more sophisticated like a WWW + This is a program like elm, pine, + mail, or something more sophisticated like a WWW browser. This program will simply pass off all e-mail - transactions to the local mailhost , + transactions to the local mailhost , either by calling sendmail or delivering it over TCP. @@ -24324,8 +24399,8 @@ ISDN BRI line Mailhost Server Daemon - Usually this program is sendmail or - smail running in the background. Turn it off or + Usually this program is sendmail or + smail running in the background. Turn it off or change the command line options in /etc/rc.conf (or, prior to FreeBSD 2.2.2, /etc/sysconfig). It is best to leave it on, @@ -24337,12 +24412,11 @@ ISDN BRI line secure site. Some versions of sendmail have known security problems. - sendmail - does two jobs. It looks after delivering + sendmail does two jobs. It looks after delivering and receiving mail. - If sendmail - needs to deliver mail off your site it will look up in + If sendmail + needs to deliver mail off your site it will look up in the DNS to determine the actual host that will receive mail for the destination. 
@@ -24355,11 +24429,11 @@ ISDN BRI line DNS - Name Service - The Domain Name System and its daemon named , contain the database mapping + The Domain Name System and its daemon named, contain the database mapping hostname to IP address, and hostname to mailhost. The IP address - is specified in an A record. The MX record specifies the + is specified in an A record. The MX record specifies the mailhost that will receive mail for you. If you do not have a - MX record mail for your hostname, the mail will be delivered to + MX record mail for your hostname, the mail will be delivered to your host directly. Unless you are running your own DNS server, you will not be @@ -24373,25 +24447,25 @@ ISDN BRI line This program gets the mail from your mailbox and gives it to your browser. If you want to run a POP server on your computer, - you will need to do 2 things. - + you will need to do 2 things. + + - + Get pop software from the Ports collection that can be found in /usr/ports or packages collection. This handbook section has a complete reference on the system. - + - - Modify /etc/inetd.conf + + Modify /etc/inetd.conf to load the POP server. - + - + The pop program will have instructions with it. Read 
@@ -24412,28 +24486,35 @@ ISDN BRI line /etc/resolv.conf setup or are running a name server. If you want to have mail for your host delivered to your specific host,there are two methods: - - - Run a name server ( man -k - named ) and have your own domain + + + + Run a name server (man -k named) and have your own domain smallminingco.com - - - Get mail delivered to the current DNS name for your host. + + + + Get mail delivered to the current DNS name for your host. Ie: dorm6.ahouse.school.edu + + No matter what option you choose, to have mail delivered directly to your host, you must be a full Internet host. You must have a permanent IP address. IE: NO dynamic PPP. If you are behind a firewall, the firewall must be passing on smtp traffic to - you. From /etc/services + you. From /etc/services: smtp 25/tcp mail #Simple Mail Transfer - If you + + + If you want to receive mail at your host itself, you must make sure that the DNS MX entry points to your host address, or there is no MX entry for your DNS name. - Try this + Try this: &prompt.root; hostname @@ -24444,18 +24525,19 @@ newbsdbox.freebsd.org has address 204.216.27.xx If that is all that comes out for your machine, mail directory - to root@newbsdbox.freebsd.org + to root@newbsdbox.freebsd.org will work no problems. - If instead, you have this + If instead, you have this: &prompt.root; host newbsdbox.freebsd.org newbsdbox.FreeBSD.org has address 204.216.27.xx newbsdbox.FreeBSD.org mail is handled (pri=10) by freefall.FreeBSD.org - All mail sent to your host - directly will end up on freefall, under the same username. + + + All mail sent to your host + directly will end up on freefall, under the same username. This information is setup in your domain name server. This should be the same host that is listed as your primary nameserver 
@@ -24466,7 +24548,7 @@ newbsdbox.FreeBSD.org mail is handled (pri=10) by freefall.FreeBSD.org delivered directly to the host by way of the Address record. - The MX entry for freefall.freebsd.org at one time. + The MX entry for freefall.freebsd.org at one time. freefall MX 30 mail.crl.net @@ -24476,19 +24558,18 @@ freefall MX 10 freefall.FreeBSD.org freefall MX 20 who.cdrom.com freefall A 204.216.27.xx freefall CNAME www.FreeBSD.org - + - Freefall has many MX entries. The lowest MX number gets the + freefall has many MX entries. The lowest MX number gets the mail in the end. The others will queue mail temporarily, if - freefall is busy or down. + freefall is busy or down. Alternate MX sites should have separate connections to the Internet, to be most useful. An Internet Provider or other friendly site can provide this service. - dig, nslookup, - and - host are your friends. + dig, nslookup, + and host are your friends. @@ -24498,16 +24579,16 @@ freefall CNAME www.FreeBSD.org To setup up a network mailhost, you need to direct the mail from arriving at all the workstations. In other words, you want to - hijack all mail for *.smallminingco.com - and divert it to one machine, your mailhost. + hijack all mail for *.smallminingco.com + and divert it to one machine, your mailhost. The network users on their workstations will most likely pick up their mail over POP or telnet. - A user account with the SAME USERNAME should exist on both + A user account with the same username should exist on both machines. Please use adduser to do - this as required. If you set the shell to /nonexistent + this as required. If you set the shell to + /nonexistent the user will not be allowed to login. The mailhost that you will be using must be designated the 
@@ -24515,12 +24596,12 @@ freefall CNAME www.FreeBSD.org (ie BIND, named). Please refer to a Networking book for in-depth information. - You basically need to add these lines in your DNS server. + You basically need to add these lines in your DNS server. -pc24.smallminingco.com A xxx.xxx.xxx.xxx ; Workstation ip +pc24.smallminingco.com A xxx.xxx.xxx.xxx ; Workstation ip MX 10 smtp.smallminingco.com ; Your mailhost - + You cannot do this yourself unless you are running a DNS server. If you do not want to run a DNS server, get somebody else 
@@ -24536,26 +24617,26 @@ pc24.smallminingco.com A xxx.xxx.xxx.xxx ; Workstation ip I have a customer with domain foo.bar and I want all mail for foo.bar to be sent to my machine smtp.smalliap.com. You must make - an entry in your DNS server like: + an entry in your DNS server like: foo.bar MX 10 smtp.smalliap.com ; your mailhost - The A record is not needed if you only - want E-Mail for the domain. IE: Don't expect ping foo.bar + + + The A record is not needed if you only + want E-Mail for the domain. IE: Don't expect ping foo.bar to work unless an Address record for foo.bar exists as well. On the mailhost that actually accepts mail for final delivery - to a mailbox, sendmail must be told what hosts it will be + to a mailbox, sendmail must be told what hosts it will be accepting mail for. - Add pc24.smallminingco.com to /etc/sendmail.cw (if you are - using FEATURE(use_cw_file)), or add a "Cw myhost.smalliap.com" - line to /etc/sendmail.cf + Add pc24.smallminingco.com to /etc/sendmail.cw (if you are + using FEATURE(use_cw_file)), or add a Cw myhost.smalliap.com + line to /etc/sendmail.cf - If you plan on doing anything serious with sendmail you should install the sendmail + If you plan on doing anything serious with sendmail you should install the sendmail source. The source has plenty of documentation with it. You will find information on getting sendmail source from + The sendmail FAQ is in /usr/src/usr.sbin/sendmail and is recommended 
@@ -24816,23 +24898,25 @@ bigco.com. MX 10 bigco.com. Cw bigco.com in /etc/sendmail.cf on bigco.com). - When the senders sendmail is trying to deliver the mail it + When the senders sendmail is trying to deliver the mail it will try to connect to you over the modem link. It will most - likely time out because you are not online. Sendmail will + likely time out because you are not online. sendmail will automatically deliver it to the secondary MX site, ie your Internet provider. The secondary MX site will try every (sendmail_flags = "-bd -q15m" in /etc/rc.conf ) 15 minutes to connect to your host to deliver the mail to the primary MX site. - You might wat to use something like this as a login script. + You might wat to use something like this as a login script. #!/bin/sh # Put me in /usr/local/bin/pppbigco ( sleep 60 ; /usr/sbin/sendmail -q ) & /usr/sbin/ppp -direct pppbigco - If you are going to create a separate + + + If you are going to create a separate login script for a user you could use sendmail -qRbigco.com instead in the script above. This will force all mail in your queue for bigco.com to be processed @@ -28093,7 +28177,7 @@ THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # Date created: 5 December 1994 # Whom: asami # -# $Id: book.sgml,v 1.40 1998-10-21 22:05:23 nik Exp $ +# $Id: book.sgml,v 1.41 1998-10-22 23:03:01 nik Exp $ # DISTNAME= oneko-1.1b diff --git a/en_US.ISO_8859-1/books/handbook/book.sgml b/en_US.ISO_8859-1/books/handbook/book.sgml index 4b74e46c0e..e547408d67 100644 --- a/en_US.ISO_8859-1/books/handbook/book.sgml +++ b/en_US.ISO_8859-1/books/handbook/book.sgml 
@@ -20395,18 +20395,19 @@ AT&B2&W On your system, the programs tip and cu are probably executable only - by uucp and group dialer. You can use the group dialer to control who has access to your + by uucp and group + dialer. You can use the group dialer to control who has access to your modem or remote systems. Just add yourself to group dialer. Alternatively, you can let everyone on your system run - tip and cu by typing: + tip and cu by typing: &prompt.root; chmod 4511 /usr/bin/tip - You do not have to run + + + You do not have to run this command for cu, since cu is just a hard link to tip. @@ -20421,16 +20422,16 @@ AT&B2&W The Hayes driver is not smart enough to recognize some of the advanced features of newer modems--messages like - BUSY, NO - DIALTONE, or CONNECT - 115200 will just confuse it. You should turn those + BUSY, NO + DIALTONE, or CONNECT + 115200 will just confuse it. You should turn those messages off when you use tip (using - ATX0&W). + ATX0&W). Also, the dial timeout for tip is 60 seconds. Your modem should use something less, or else tip will think there is a communication problem. Try - ATS7=45&W. + ATS7=45&W. Actually, as shipped tip does not yet support it fully. The solution is to edit the file 
@@ -20450,32 +20451,36 @@ AT&B2&W id="direct-at"> How am I expected to enter these AT commands? - Make what is called a direct + Make what is called a direct entry in your /etc/remote file. For example, if your modem is hooked up to the first serial port, - /dev/cuaa0, then put in the following line: + /dev/cuaa0, then put in the following line: cuaa0:dv=/dev/cuaa0:br#19200:pa=none - Use the highest bps rate your modem supports in + + + Use the highest bps rate your modem supports in the br capability. Then, type tip cuaa0 and you will be connected to your modem. If there is no /dev/cuaa0 on your system, - do this: + do this: &prompt.root; cd /dev &prompt.root; MAKEDEV cuaa0 - + - Or use cu as root with the following command: + Or use cu as root with the following command: &prompt.root; cu -lline -sspeed - with line being the - serial port (e.g./dev/cuaa0) and speed being + + + line is the + serial port (e.g./dev/cuaa0) and speed is the speed (e.g.57600). When you are done entering the AT commands hit ~. to exit. 
@@ -20486,36 +20491,38 @@ cuaa0:dv=/dev/cuaa0:br#19200:pa=none The <literal>@</literal> sign for the pn capability does not work! - The @ sign in the phone number capability tells + The @ sign in the phone number capability tells tip to look in /etc/phones for a phone - number. But the @ sign is also a special character + number. But the @ sign is also a special character in capability files like /etc/remote. Escape - it with a backslash: + it with a backslash: pn=\@ - + How can I dial a phone number on the command line? - Put what is called a generic - entry in your /etc/remote file. For example: + Put what is called a generic + entry in your /etc/remote file. For example: tip115200|Dial any phone number at 115200 bps:\ :dv=/dev/cuaa0:br#115200:at=hayes:pa=none:du: tip57600|Dial any phone number at 57600 bps:\ :dv=/dev/cuaa0:br#57600:at=hayes:pa=none:du: - + - Then you can things like + Then you can things like: &prompt.root; tip -115200 5551234 - . If you prefer cu over tip, + + + If you prefer cu over tip, use a generic cu entry: @@ -20546,7 +20553,7 @@ cu115200|Use cu to dial any number at 115200bps:\ Rather than waiting until you are connected and typing CONNECT <host> each time, - use tip's cm capability. For + use tip's cm capability. For example, these entries in /etc/remote: @@ -20556,9 +20563,9 @@ muffin|muffin.deep13.com|Frank's machine:\ :cm=CONNECT muffin\n:tc=deep13: deep13:Gizmonics Institute terminal server:\ :dv=/dev/cua02:br#38400:at=hayes:du:pa=none:pn=5551234: - + - will let you type tip pain + will let you type tip pain or tip muffin to connect to the hosts pain or muffin; and tip deep13 to get to the terminal server. 
@@ -20573,24 +20580,24 @@ deep13:Gizmonics Institute terminal server:\ Make an entry for your university in /etc/remote and use @ for the - pn capability: + pn capability: big-university:\ :pn=\@:tc=dialout dialout:\ :dv=/dev/cuaa3:br#9600:at=courier:du:pa=none: - + Then, list the phone numbers for the university in - /etc/phones: + /etc/phones: big-university 5551111 big-university 5551112 big-university 5551113 big-university 5551114 - + tip will try each one in the listed order, then give up. If you want to keep retrying, run @@ -20608,23 +20615,20 @@ big-university 5551114 character with the ~s escape, which means set a variable. - Type ~sforce=<single-char> - followed by a newline. <single-char> is any single character. - If you leave out <single-char>, then the force + Type ~sforce=single-char + followed by a newline. single-char is any single character. + If you leave out single-char, then the force character is the nul character, which you can get by typing CTRL+2 - or CTRL+SPACE. A pretty good value for <single-char> is SHIFT+CTRL+6, which I + or CTRL+SPACE. A pretty good value for single-char is SHIFT+CTRL+6, which I have seen only used on some terminal servers. You can have the force character be whatever you want by specifying the following in your - $HOME/.tiprc file: + $HOME/.tiprc file: force=<single-char> - + @@ -20638,14 +20642,14 @@ force=<single-char> of these features. Here is a sample .tiprc file perfect for Emacs users who need - to type CTRL+2 and CTRL+A a lot: + to type CTRL+2 and CTRL+A a lot: force=^^ raisechar=^^ - The ^^ is SHIFT+CTRL+6. + The ^^ is SHIFT+CTRL+6. @@ -20656,7 +20660,7 @@ raisechar=^^ receive files with ~p (put) and ~t (take). These commands run cat and echo on the remote system to accept and - send files. The syntax is: + send files. The syntax is: ~p @@ -20668,7 +20672,7 @@ raisechar=^^ ~t remote-file local-file - + There is no error checking, so you probably should use another protocol, like zmodem. 
@@ -20683,7 +20687,7 @@ raisechar=^^ receiving them locally. To send files, start the receiving program on the remote end. - Then, type ~C sz <files> + Then, type ~C sz files to send them to the remote system. @@ -20697,7 +20701,7 @@ raisechar=^^ to provide other people with dialup connections to the Internet using FreeBSD, you have the option of using PPP or SLIP. Furthermore, two varieties of PPP are provided: user (sometimes - referred to as iijppp) and kernel. The + referred to as iijppp) and kernel. The procedures for configuring both types of PPP, and for setting up SLIP are described in this chapter. @@ -20711,15 +20715,15 @@ raisechar=^^ different about this new PPP that warrants its addition? To quote from the manual page: - +
This is a user process PPP software package. Normally, PPP - is implemented as a part of the kernel (e.g. as managed by pppd) + is implemented as a part of the kernel (e.g. as managed by pppd) and it is thus somewhat hard to debug and/or modify its behavior. However, in this implementation PPP is done as a user process with the help of the tunnel device driver (tun).
-
+ In essence, this means that rather than running a PPP daemon, the ppp program can be run as and when desired. No PPP interface @@ -20728,7 +20732,7 @@ raisechar=^^ From here on out, user ppp will be referred to simply as ppp unless a distinction needs to be made between it and any other PPP - client/server software such as pppd. Unless otherwise stated, all + client/server software such as pppd. Unless otherwise stated, all commands in this section should be executed as root. @@ -20745,7 +20749,7 @@ raisechar=^^ You are going to need the following information to hand: - + @@ -20761,25 +20765,25 @@ raisechar=^^ The IP address of your ISP's gateway. The gateway is the machine to which you will connect and will be set up as - your default route. If your + your default route. If your ISP hasn't given you this number, don't worry. We can make one up and your ISP's PPP server will tell us when we connect. This number is known from now on as - HISADDR. + HISADDR. Your ISP's netmask setting. Again, if your ISP hasn't given you this information, you can safely use a netmask of - 255.255.255.0. + 255.255.255.0. The IP addresses of one or more nameservers. Normally, you will be given two IP numbers. You - MUST have this information unless you run + must have this information unless you run your own nameserver. @@ -20788,12 +20792,12 @@ raisechar=^^ hostname then you will need this information too. If not, you will need to know from what range of IP addresses your allocated IP address will belong. If you haven't been given - this range, don't worry. You can configure PPP to accept any + this range, don't worry. You can configure ppp to accept any IP number (as explained later).
- + If you do not have any of the required information, contact your ISP and make sure they provide it to you. @@ -20810,15 +20814,15 @@ raisechar=^^ To check this, go to your kernel compile directory (/sys/i386/conf or /sys/pc98/conf) and examine your kernel - configuration file. It needs to have the line + configuration file. It needs to have the line pseudo-device tun 1 - in it somewhere. The stock GENERIC kernel + in it somewhere. The stock GENERIC kernel has this as standard, so if you have not installed a custom kernel - or you do not have a /sys directory, you do not have to change + or you do not have a /sys directory, you do not have to change anything. If your kernel configuration file does not have this line in @@ -20845,7 +20849,7 @@ tun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500 tun3: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 1500 - which in this case shows four tunnel devices, two of which are + This case shows four tunnel devices, two of which are currently configured and being used. If you have a kernel without the tun device, and you can not @@ -20863,7 +20867,7 @@ tun3: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 1500 Check the tun device Most users will only require one tun device (/dev/tun0). If you - have used more (i.e., a number other than 1 in the pseudo-device + have used more (i.e., a number other than 1 in the pseudo-device line in the kernel configuration file) then alter all references to tun0 below to reflect whichever device number you are using. 
@@ -20872,29 +20876,29 @@ tun3: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 1500 configured correctly is to re-make it. To do this, execute the following commands: - + &prompt.root; cd /dev &prompt.root; ./MAKEDEV tun0 - + If you require 16 tunnel devices in your kernel, you will need to create more than just tun0: - + &prompt.root; cd /dev &prompt.root; ./MAKEDEV tun15 - + Also, to confirm that the kernel is configured correctly, the following command should give the indicated output: - + &prompt.root; ifconfig tun0 tun0: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 1500 - + @@ -20905,7 +20909,7 @@ tun0: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 1500 into hostnames and vice versa. It can be configured to look for maps that describe IP to hostname mappings in one of two places. The first is a file called /etc/hosts - (man 5 hosts). The second is the + (man 5 hosts). The second is the Internet Domain Name Service (DNS), a distributed data base, the discussion of which is beyond the scope of this document. @@ -20915,14 +20919,13 @@ tun0: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 1500 The resolver is a set of system calls that do the name mappings, but you have to tell them where to find their information. You do this by first editing the file - /etc/host.conf. Do not call this file - /etc/hosts.conf (note the extra s) as the + /etc/host.conf. Do not call this file + /etc/hosts.conf (note the extra s) as the results can be confusing. - Edit the /etc/host.conf file + Edit the <filename>/etc/host.conf</filename> file This file should contain the following two lines: @@ -20931,7 +20934,7 @@ hosts bind - which instructs the resolver to first look in + These instructs the resolver to first look in the file /etc/hosts, and then to consult the DNS if the name was not found. 
@@ -20943,7 +20946,8 @@ bind This file should contain the IP addresses and names of machines on your network. At a bare minimum it should contain entries for the machine which will be running ppp. Assuming that - your machine is called foo.bar.com with the IP address 10.0.0.1, + your machine is called foo.bar.com + with the IP address 10.0.0.1, /etc/hosts should contain: @@ -20971,16 +20975,17 @@ bind line(s): -nameserver x.x.x.x -nameserver y.y.y.y -domain bar.com +nameserver x.x.x.x +nameserver y.y.y.y +domain bar.com - The x.x.x.x and y.y.y.y addresses are those given to you + The x.x.x.x and + y.y.y.y addresses are those given to you by your ISP. Add as many nameserver lines as your ISP provides. The domain line defaults to your hostname's - domain, and is probably unnecessary. Refer to the resolv.conf + domain, and is probably unnecessary. Refer to the resolv.conf manual page for details of other possible entries in this file. @@ -20988,15 +20993,15 @@ domain bar.com - PPP Configuration + <command>ppp</command> Configuration - Both user ppp and pppd (the kernel level implementation of + Both user ppp and pppd (the kernel level implementation of PPP) use configuration files located in the /etc/ppp directory. The sample configuration files provided are a good reference for user ppp, so don't delete them. - Configuring ppp requires that you edit a number of files, + Configuring ppp requires that you edit a number of files, depending on your requirements. What you put in them depends to some extent on whether your ISP allocates IP addresses statically (i.e., you get given one IP address, and always use that one) or @@ -21014,12 +21019,12 @@ domain bar.com to the example below. - Lines that end in a : start in the first column, all + Lines that end in a : start in the first column, all other lines should be indented as shown using spaces or tabs. - + 1 default: 2 set device /dev/cuaa0 
@@ -21030,13 +21035,15 @@ domain bar.com 7 set login "TIMEOUT 10 gin:-BREAK-gin: foo word: bar col: ppp" 8 set timeout 300 9 deny lqr -10 set ifaddr x.x.x.x y.y.y.y +10 set ifaddr x.x.x.x y.y.y.y 11 delete ALL 12 add 0 0 HISADDR - Do not include the line numbers, they are - just for reference in this discussion. + + + Do not include the line numbers, they are + just for reference in this discussion. + - Line 1: @@ -21049,8 +21056,8 @@ domain bar.com Identifies the device to which the modem is - connected. COM1: is /dev/cuaa0 and - COM2: is /dev/cuaa1. + connected. COM1: is /dev/cuaa0 and + COM2: is /dev/cuaa1. @@ -21066,7 +21073,7 @@ domain bar.com Line 4: - The dial string. User ppp uses an expect-send + The dial string. User PPP uses an expect-send syntax similar to the chat8 program. Refer to the manual page for information on the features of this language. @@ -21085,13 +21092,14 @@ domain bar.com Sets the phone number for this provider. Multiple - phone numbers may be specified using the : or | + phone numbers may be specified using the + : or | character as a separator. The difference between these spearators is described in the ppp manual page. To summarize, if you want to rotate through the numbers, - use the :. If you want to always attempt to dial + use the :. If you want to always attempt to dial the first number first and only use the other numbers if - the first number fails, use the |. Always quote the + the first number fails, use the |. Always quote the entire set of phone numbers as shown. @@ -21106,8 +21114,8 @@ domain bar.com J. Random Provider -login: foo -password: bar +login: foo +password: bar protocol: ppp 
@@ -21133,18 +21141,18 @@ protocol: ppp Line 9: - Ppp can be configured to exchange Link Quality + ppp can be configured to exchange Link Quality Report (LQR) packets. These packets describe how good - the physical link is. Ppp's LQR strategy is to close + the physical link is. ppp's LQR strategy is to close the connection when a number of these packets are missed. This is useful when you have a direct serial link to another machine and the DSR modem signal is not available to indicate that the line is up. When data saturates the line, LQR packets are sometimes - missed, causing ppp to close the connection + missed, causing ppp to close the connection prematurely. Refusing to negotiate lqr is sometimes prudent (if you are going through a modem) as it avoids - this whole mess. By default, ppp will not attempt to + this whole mess. By default, ppp will not attempt to negotiate LQR, but will accept LQR negotiation from the peer. @@ -21153,9 +21161,9 @@ protocol: ppp Line 10: - Sets the interface addresses. The string x.x.x.x + Sets the interface addresses. The string x.x.x.x should be replaced by the IP address that your provider - has allocated to you. The string y.y.y.y should be + has allocated to you. The string y.y.y.y should be replaced by the IP address that your ISP indicated for their gateway (the machine to which you connect). If your ISP hasn't given you a gateway address, use @@ -21164,7 +21172,7 @@ protocol: ppp an entry in /etc/ppp/ppp.linkup as per the instructions for . If this line is omitted, ppp cannot + IP addresses">. If this line is omitted, ppp cannot run in or mode. @@ -21175,7 +21183,7 @@ protocol: ppp Deletes all existing routing table entries for the acquired tun device. This should not normally be - necessary, but will make sure that PPP is starting with + necessary, but will make sure that ppp is starting with a clean bill of health. 
@@ -21184,16 +21192,16 @@ protocol: ppp Adds a default route to your ISPs gateway. The - special word HISADDR is replaced with + special word HISADDR is replaced with the gateway address specified on line 9. It is important that this line appears after line 9, otherwise - HISADDR will not yet be + HISADDR will not yet be initialized. - + It is not necessary to add an entry to ppp.linkup when you have a static IP @@ -21215,7 +21223,7 @@ protocol: ppp If your service provider does not assign static IP numbers, ppp can be configured to negotiate the local and remote addresses. This is done by guessing an - IP number and allowing ppp to set it up correctly using the IP + IP number and allowing ppp to set it up correctly using the IP Configuration Protocol (IPCP) after connecting. The ppp.conf configuration is the same as 10.0.0.1. Do not use 0.0.0.0/0 as the first argument to set ifaddr as it - prevents ppp from setting up an initial route in + prevents ppp from setting up an initial route in and mode. - + You will also need to create an entry in /etc/ppp/ppp.linkup. ppp.linkup is used after a connection has - been established. At this point, ppp will know what IP - addresses should really be used. + been established. At this point, ppp will know what IP + addresses should really be used. The following entry will delete the existing bogus routes, and create correct ones: 
@@ -21273,25 +21281,25 @@ set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 3 add 0 0 HISADDR - + Line 1: - On establishing a connection, ppp will look for an + On establishing a connection, ppp will look for an entry in ppp.linkup according to the following rules: First, try to match the same label as we used in ppp.conf. If that fails, look for an entry for the IP number of our gateway. This entry is a four-octet IP style label. If we still haven't found an entry, look for the - MYADDR entry. + MYADDR entry. Line 2: - This line tells ppp to delete all existing routes + This line tells ppp to delete all existing routes for the acquired tun interface (except the direct route entry). @@ -21300,15 +21308,15 @@ set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 Line 3: - This line tells ppp to add a default route that - points to HISADDR. - HISADDR will be replaced with the IP + This line tells ppp to add a default route that + points to HISADDR. + HISADDR will be replaced with the IP number of the gateway as negotiated in the IPCP. - + See the pmdemand entry in the files /etc/ppp/ppp.conf.sample and 
@@ -21318,29 +21326,29 @@ set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 - Receiving incoming calls with PPP + Receiving incoming calls with <command>ppp</command> - This section describes setting up ppp in a server + This section describes setting up ppp in a server role. When you configure ppp to receive incoming calls, you must decide whether you wish to - forward packets for just ppp + forward packets for just PPP connections, for all interfaces, or not at all. To forward for - just ppp connections, include the line + just PPP connections, include the line enable proxy - in your ppp.conf file. If you wish to - forward packets on all interfaces, use the + in your ppp.conf file. If you wish to + forward packets on all interfaces, use the gateway=YES - option in /etc/rc.conf (this file used + option in /etc/rc.conf (this file used to be called /etc/sysconfig). 
@@ -21351,31 +21359,31 @@ gateway=YES Dialup Services"> provides a good description on enabling dialup services using getty. - An alternative to getty is mgetty, a smarter version of getty designed with dialup lines in mind. + An alternative to getty is mgetty, a smarter version of getty designed with dialup lines in mind. - The advantages of using mgetty is that it actively + The advantages of using mgetty is that it actively talks to modems, meaning if port is turned off in /etc/ttys then your modem won't answer the phone. - Later versions of mgetty (from 0.99beta onwards) also + Later versions of mgetty (from 0.99beta onwards) also support the automatic detection of PPP streams, allowing your clients script-less access to your server. Refer to for more information on mgetty. + AutoPPP"> for more information on mgetty. PPP permissions - PPP must normally be run as user id 0. If however you - wish to allow ppp to run in server mode as a normal user by - executing ppp as described below, that user must be given - permission to run ppp by adding them to the network group in + ppp must normally be run as user id 0. If however you + wish to allow ppp to run in server mode as a normal user by + executing ppp as described below, that user must be given + permission to run ppp by adding them to the + network group in /etc/group. @@ -21414,7 +21422,7 @@ exec /usr/sbin/ppp -direct $IDENT You should use this script as the shell for all your dialup ppp users. This is an example from /etc/password for - a dialup PPP user with username pchilds. (remember don't + a dialup PPP user with username pchilds. (remember don't directly edit the password file, use vipw) @@ -21422,7 +21430,7 @@ pchilds:*:1011:300:Peter Childs PPP:/home/ppp:/etc/ppp/ppp-dialup Create a /home/ppp directory that is - world readable containing the following 0 byte files + world readable containing the following 0 byte files 
@@ -21430,7 +21438,7 @@ pchilds:*:1011:300:Peter Childs PPP:/home/ppp:/etc/ppp/ppp-dialup -r--r--r-- 1 root wheel 0 May 27 02:22 .rhosts - which prevents /etc/motd from being + which prevents /etc/motd from being displayed. @@ -21442,8 +21450,8 @@ pchilds:*:1011:300:Peter Childs PPP:/home/ppp:/etc/ppp/ppp-dialup and for each account with statically assigned IPs create a symbolic link to ppp-shell. - For example, if you have three dialup customers fred, sam, - and mary, that you route class C networks for, you would type + For example, if you have three dialup customers fred, sam, + and mary, that you route class C networks for, you would type the following: @@ -21454,7 +21462,7 @@ pchilds:*:1011:300:Peter Childs PPP:/home/ppp:/etc/ppp/ppp-dialup Each of these users dialup accounts should have their - shell set to the symbolic link created above. (ie. mary's + shell set to the symbolic link created above. (ie. mary's shell should be /etc/ppp/ppp-mary). @@ -21479,25 +21487,27 @@ ttyd1: set ifaddr 203.14.100.1 203.14.100.21 255.255.255.255 enable proxy - - Note the indenting is important. + + + The indenting is important. + The default: section is loaded for each session. For each dialup line enabled in /etc/ttys create an entry similar to the one for ttyd0: above. Each line - should get a unique IP from your pool of ip address for + should get a unique IP address from your pool of IP addresses for dynamic users. - Setting up ppp.conf for static-IP users + Setting up <filename>ppp.conf</filename> for static-IP users Along with the contents of the sample /etc/ppp/ppp.conf above you should add a section for each of the statically assigned dialup users. We - will continue with our fred, sam, and mary example. + will continue with our fred, sam, and mary example. fred: 
@@ -21530,24 +21540,24 @@ mary: - More on mgetty, AutoPPP, and MS extensions + More on <command>mgetty</command>, AutoPPP, and MS extensions - Mgetty and AutoPPP + <title><command>mgetty</command> and AutoPPP - Configuring and compiling mgetty with the AUTO_PPP - option enabled allows mgetty to detect the LCP phase of PPP + Configuring and compiling mgetty with the AUTO_PPP + option enabled allows mgetty to detect the LCP phase of PPP connections and automatically spawn off a ppp shell. However, since the default login/password sequence does not occur it is necessary to authenticate users using either PAP or CHAP. This section assumes the user has successfully - configured, compiled, and installed a version of mgetty with - the AUTO_PPP option (v0.99beta or later) + configured, compiled, and installed a version of mgetty with + the AUTO_PPP option (v0.99beta or later) Make sure your /usr/local/etc/mgetty+sendfax/login.config file has the following in it: @@ -21556,7 +21566,7 @@ mary: /AutoPPP/ - - /etc/ppp/ppp-pap-dialup - This will tell mgetty to run the + This will tell mgetty to run the ppp-pap-dialup script for detected PPP connections. @@ -21600,11 +21610,10 @@ enable passwdauth option to authenticate users via pap from the - /etc/passwordd file. (*) - - (*) Note this option only available in 2.2-961014-SNAP + /etc/passwordd file(*) Note this option only available in 2.2-961014-SNAP or later, or by getting the updated ppp code for 2.1.x. (see MS extensions below for details) + . @@ -21644,7 +21653,7 @@ default: Some ISPs set their system up so that the authentication part of your connection is done using either of the PAP or CHAP authentication mechanisms. If this is the case, your ISP will - not give a login: prompt when you + not give a login: prompt when you connect, but will start talking PPP immediately. PAP is less secure than CHAP, but security is not normally 
@@ -21661,15 +21670,15 @@ default: 7 set login … -13 set authname MyUserName -14 set authkey MyPassword +13 set authname MyUserName +14 set authkey MyPassword As always, do not include the line numbers, they are just for reference in this discussion. Indentation of at least one space is required. - + Line 7: @@ -21683,8 +21692,7 @@ default: This line specifies your PAP/CHAP user name. You - will need to insert the correct value for MyUserName. + will need to insert the correct value for MyUserName. @@ -21693,12 +21701,13 @@ default: This line specifies your PAP/CHAP password. You - will need to insert the correct value for MyPassword. You may want to add an + will need to insert the correct value for MyPassword. You may want to add an additional line + 15 accept PAP or + 15 accept CHAP to make it obvious that this is the @@ -21708,10 +21717,10 @@ default: - + - Your authkey will be logged + Your authkey will be logged if you have command logging turned on (set log +command). Care should be taken when deciding the ppp log file permissions. @@ -21719,15 +21728,14 @@ default: - Changing your ppp configuration on the fly + Changing your <command>ppp</command> configuration on the fly - It is possible to talk to the ppp program while it is + It is possible to talk to the ppp program while it is running in the background, but only if a suitable password has been set up. By default, ppp will listen to a TCP port of 3000 + - tunno, where tunno is the number of the tun device + tunno, where tunno is the number of the tun device acquired, however, if a password for the local machine is not set up in /etc/ppp/ppp.secret, no server connection will be created. To set your password, put the 
@@ -21735,19 +21743,19 @@ default: /etc/ppp/ppp.secret: -foo MyPassword +foo MyPassword - where foo is your local + foo is your local hostname (run hostname -s to determine the - correct name), and MyPassword is + correct name), and MyPassword is the unencrypted password that you wish to use. /etc/ppp/ppp.secret should - NOT be accessable by anyone without user id - 0. This means that /, + not be accessable by anyone without user id + 0. This means that /, /etc and /etc/ppp should not be writable, and ppp.secret - should be owned by user id 0 and have permissions 0600. + should be owned by user id 0 and have permissions 0600. It is also possible to select a specific port number or to have ppp listen to a local unix domain socket rather than to a @@ -21767,7 +21775,7 @@ foo MyPassword Final system configuration - You now have PPP configured, but there are a few more things + You now have ppp configured, but there are a few more things to do before it is ready to work. They all involve editing the /etc/rc.conf file (was /etc/sysconfig). @@ -21783,16 +21791,16 @@ hostname=foo.bar.com name, it's probably best that you use this name as your host name. - Look for the network_interfaces variable. If you want to + Look for the network_interfaces variable. If you want to configure your system to dial your ISP on demand, make sure the - tun0 device is added to the list, otherwise remove it. + tun0 device is added to the list, otherwise remove it. network_interfaces="lo0 tun0" ifconfig_tun0= - The ifconfig_tun0 variable should be empty, + The ifconfig_tun0 variable should be empty, and a file called /etc/start_if.tun0 should be created. This file should contain the line 
@@ -21816,11 +21824,11 @@ router=NO (/etc/sysconfig) It is important that the routed daemon is not started (it's started by default) as routed tends to delete the default routing - table entries created by ppp. + table entries created by ppp. It is probably worth your while ensuring that the sendmail_flags line does not include the option, - otherwise sendmail will attempt to do a network lookup every now + otherwise sendmail will attempt to do a network lookup every now and then, possibly causing your machine to dial out. You may try: @@ -21828,7 +21836,7 @@ router=NO (/etc/sysconfig) sendmail_flags="-bd" - The upshot of this is that you must force sendmail to + The upshot of this is that you must force sendmail to re-examine the mail queue whenever the ppp link is up by typing: @@ -21847,7 +21855,7 @@ sendmail_flags="-bd" 4 !bg sendmail -bd -q30m - If you don't like this, it is possible to set up a "dfilter" + If you don't like this, it is possible to set up a dfilter to block SMTP traffic. Refer to the sample files for further details. @@ -21860,7 +21868,7 @@ sendmail_flags="-bd" and then dial provider to start the PPP session, or, if - you want ppp to establish sessions automatically when there is + you want ppp to establish sessions automatically when there is outbound traffic (and you haven't created the start_if.tun0 script), type 
@@ -21878,83 +21886,84 @@ sendmail_flags="-bd" Client side: - - + + - - Ensure that the tun device is built into your + + Ensure that the tun device is built into your kernel. - + - - Ensure that the tunX device file is + + Ensure that the tunX device file is available in the /dev directory. - + - + Create an entry in /etc/ppp/ppp.conf. The pmdemand example should suffice for most ISPs. - + - + If you have a dynamic IP address, create an entry in /etc/ppp/ppp.linkup. - + - + Update your /etc/rc.conf (or sysconfig) file. - + - + Create a start_if.tun0 script if you require demand dialing. - + - - + - Server side: - + + Server side: + + - - Ensure that the tun device is built into your + + Ensure that the tun device is built into your kernel. - + - - Ensure that the tunX device file is + + Ensure that the tunX device file is available in the /dev directory. - + - + Create an entry in /etc/passwd (using the vipw8 program). - + - + Create a profile in this users home directory that runs ppp -direct direct-server or similar. - + - + Create an entry in /etc/ppp/ppp.conf. The direct-server example should suffice. - + - + Create an entry in /etc/ppp/ppp.linkup. - + - + Update your /etc/rc.conf (or sysconfig) file. - + - + 
@@ -21984,29 +21993,32 @@ sendmail_flags="-bd" Contributed by &a.gena;. Before you start setting up PPP on your machine make sure that - pppd is located in /usr/sbin and directory + pppd is located in /usr/sbin and directory /etc/ppp exists. - pppd can work in two modes: + pppd can work in two modes: + - as a client , i.e. you want to connect your machine to + as a client, i.e. you want to connect your machine to outside world via PPP serial connection or modem line. - as a server , i.e. your machine is located on the + as a server, i.e. your machine is located on the network and used to connect other computers using PPP. - In both cases you will need to set up an options file + + + In both cases you will need to set up an options file (/etc/ppp/options or ~/.ppprc if you have more then one user on your machine that uses PPP). - You also will need some modem/serial software ( preferably - kermit ) so you can dial and establish connection with remote + You also will need some modem/serial software (preferably + kermit) so you can dial and establish connection with remote host. 
@@ -22034,30 +22046,31 @@ defaultroute # put this if you want that PPP server will be your # default router - To connect: - + To connect: + + - - Dial to the remote host using kermit ( or other modem - program ) enter your user name and password ( or whatever is - needed to enable PPP on the remote host ) - + + Dial to the remote host using kermit (or other modem + program) enter your user name and password (or whatever is + needed to enable PPP on the remote host) + - - Exit kermit. ( without hanging up the line ) - + + Exit kermit (without hanging up the line). + - - enter: + + enter: - &prompt.root; /usr/src/usr.sbin/pppd.new/pppd /dev/tty01 19200 - ( put the appropriate - speed and device name ) - + &prompt.root; /usr/src/usr.sbin/pppd.new/pppd /dev/tty01 19200 + + + Use the appropriate speed and device name. + - - + Now your computer is connected with PPP. If the connection fails for some reasons you can add the option to the @@ -22065,7 +22078,7 @@ defaultroute # put this if you want that PPP server will be your the console to track the problem Following /etc/ppp/pppup script will make - all 3 stages automatically: + all 3 stages automatically: #!/bin/sh @@ -22087,15 +22100,15 @@ ifconfig ppp0 delete kermit -y /etc/ppp/kermit.dial pppd /dev/tty01 19200 - + /etc/ppp/kermit.dial is kermit script that dials and makes all necessary authorization on the remote - host. ( Example of such script is attached to the end of this - document ) + host. (Example of such script is attached to the end of this + document) Use the following /etc/ppp/pppdown script - to disconnect the PPP line: + to disconnect the PPP line: #!/bin/sh @@ -22116,10 +22129,10 @@ fi /sbin/ifconfig ppp0 delete kermit -y /etc/ppp/kermit.hup /etc/ppp/ppptest - + Check if PPP is still running - (/usr/etc/ppp/ppptest): + (/usr/etc/ppp/ppptest): #!/bin/sh 
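Review bot: The caption kept in the last hunk on this line (@@ -22116,10 +22129,10 @@) names the script as /usr/etc/ppp/ppptest, but the pppdown script in the context lines directly above it calls /etc/ppp/ppptest, and the other scripts in this section (pppup, pppdown, kermit.dial, kermit.hup) all live under /etc/ppp. Since the caption line is being touched anyway, change it to /etc/ppp/ppptest so that a reader who creates the file where the caption says does not end up with a pppdown that cannot find it.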
@@ -22132,10 +22145,10 @@ fi set -x netstat -n -I ppp0 ifconfig ppp0 - + Hangs up modem line - (/etc/ppp/kermit.hup): + (/etc/ppp/kermit.hup): set line /dev/tty01 ; put your modem device here @@ -22156,7 +22169,7 @@ inp 5 OK out ATH0\13 echo \13 exit - + Here is an alternate method using chat instead of kermit. @@ -22165,7 +22178,7 @@ exit The following two files are sufficient to accomplish a pppd connection. - /etc/ppp/options: + /etc/ppp/options: /dev/cuaa1 115200 @@ -22186,7 +22199,7 @@ domain <your.domain> # put your domain name here defaultroute # put this if you want that PPP server will be # your default router - + /etc/ppp/login.chat.script: @@ -22205,17 +22218,17 @@ ABORT BUSY ABORT 'NO CARRIER' "" AT OK ATDT<phone.number> &prompt.root; pppd - This sample based primarily on information provided + This sample based primarily on information provided by: Trev Roydhouse <Trev.Roydhouse@f401.n711.z3.fidonet.org> and used by - permission. + permission. Working as a PPP server - /etc/ppp/options: + /etc/ppp/options: crtscts # Hardware flow control @@ -22229,10 +22242,10 @@ netmask 255.255.255.0 # netmask ( not required ) domain ppp.foo.com # your domain passive # wait for LCP modem # modem line - + Following /etc/ppp/pppserv script will - enable ppp server on your machine + enable ppp server on your machine: #!/bin/sh @@ -22258,10 +22271,10 @@ kermit -y /etc/ppp/kermit.ans # run ppp pppd /dev/tty01 19200 - + Use this /etc/ppp/pppservdown script to - stop ppp server: + stop ppp server: #!/bin/sh @@ -22281,10 +22294,10 @@ ifconfig ppp0 down ifconfig ppp0 delete kermit -y /etc/ppp/kermit.noans - + Following kermit script will enable/disable autoanswer mode - on your modem (/etc/ppp/kermit.ans): + on your modem (/etc/ppp/kermit.ans): set line /dev/tty01 
@@ -22310,13 +22323,13 @@ out ATS0=1\13 ; change this to out ATS0=0\13 if you want to disable inp 5 OK echo \13 exit - + This /etc/ppp/kermit.dial script is used for dialing and authorizing on remote host. You will need to customize it for your needs. Put your login and password in this - script , also you will need to change input statement depending on - responses from your modem and remote host. + script, also you will need to change input statement depending on + responses from your modem and remote host. ; @@ -22433,7 +22446,7 @@ exit 1 ; comment-start: "; " ; comment-start-skip: "; " ; end: - + @@ -22451,15 +22464,15 @@ exit 1 something much fancier. First, determine which serial port your modem is connected to. I - have a symbolic link /dev/modem -> - cuaa1, and only use the modem name in my configuration + have a symbolic link to /dev/modem from + /dev/cuaa1, and only use the modem name in my configuration files. It can become quite cumbersome when you need to fix a bunch of files in /etc and .kermrc's all over the system! - /dev/cuaa0 is COM1, - cuaa1 is COM2, etc. + /dev/cuaa0 is COM1, + cuaa1 is COM2, etc. Make sure you have @@ -22474,13 +22487,13 @@ pseudo-device sl 1 Things you have to do only once - - + + - + Add your home machine, the gateway and nameservers to your /etc/hosts file. Mine looks like - this: + this: 127.0.0.1 localhost loghost @@ -22488,18 +22501,20 @@ pseudo-device sl 1 136.152.64.1 inr-3.Berkeley.EDU inr-3 slip-gateway 128.32.136.9 ns1.Berkeley.edu ns1 128.32.136.12 ns2.Berkeley.edu ns2 - By the way, silvia is + + + By the way, silvia is the name of the car that I had when I was back in Japan (it is called 2?0SX here in U.S.). - + - + Make sure you have before in your /etc/host.conf. Otherwise, funny things may happen. - + - + Edit the file /etc/rc.conf. Note that you should edit the file /etc/sysconfig instead if you are @@ -22545,9 +22560,9 @@ defaultrouter=slip-gateway - + - + Make a file /etc/resolv.conf which contains: 
@@ -22559,32 +22574,32 @@ nameserver 128.32.136.12 you can see, these set up the nameserver hosts. Of course, the actual domain names and addresses depend on your environment. - + - + Set the password for root and toor (and any other accounts that does not have a password). Use passwd, do not edit the /etc/passwd or /etc/master.passwd files! - + - + Reboot your machine and make sure it comes up with the correct hostname. - + - - + + Making a SLIP connection - - + + - + Dial up, type slip at the prompt, enter your machine name and password. The things you need to enter depends on your environment. I use kermit, with a script like this: @@ -22614,22 +22629,24 @@ output ***\x0d, echo \x0aCONNECTED\x0a filesystem is generally a BAD idea. Do it at your own risk. I am just too lazy. - + - + Leave the kermit there (you can suspend it by z) and - as root, type + as root, type: &prompt.root; slattach -h -c -s 115200 /dev/modem - if you are able to ping hosts + + + If you are able to ping hosts on the other side of the router, you are connected! If it does not work, you might want to try instead of as an argument to slattach. - + - - + + @@ -22659,7 +22676,8 @@ output ***\x0d, echo \x0aCONNECTED\x0a Troubleshooting If it does not work, feel free to ask me. The things that - people tripped over so far: + people tripped over so far: + @@ -22707,8 +22725,6 @@ silvia.HIP.Berke localhost.Berkeley UGH 34 47641234 lo0 - 0.438 - - @@ -22770,9 +22786,8 @@ silvia.HIP.Berke localhost.Berkeley UGH 34 47641234 lo0 - 0.438 getty8, & init8 for information relevant to configuring the system to accept logins on modems, and perhaps stty1 for information on - setting serial port parameters [such as clocal for directly-connected serial - interfaces]. + setting serial port parameters (such as clocal for directly-connected serial + interfaces). 
@@ -22804,7 +22819,7 @@ silvia.HIP.Berke localhost.Berkeley UGH 34 47641234 lo0 - 0.438 Shelmerg:password:1964:89::0:0:Guy Helmer - SLIP:/usr/users/Shelmerg:/usr/sbin/sliplogin - and, when Shelmerg logs in, + When Shelmerg logs in, sliplogin will search /etc/sliphome/slip.hosts for a line that had a matching user ID; for example, there may be a line in @@ -22830,11 +22845,12 @@ Shelmerg dc-slip sl-helmer 0xfffffc00 autocomp which sliplogin attached itself (slip interface 0, in the above example, which was the first parameter in the list given to slip.login) - to set the local IP address (dc-slip), remote IP address (sl-helmer), network mask for the SLIP - interface (0xfffffc00), and any additional + to set the local IP address (dc-slip), remote + IP address (sl-helmer), network mask for the SLIP + interface (0xfffffc00), and any additional flags (autocomp). If something goes wrong, sliplogin usually logs - good informational messages via the daemon syslog facility, + good informational messages via the daemon syslog facility, which usually goes into /var/log/messages (see the manual pages for syslogd8 and syslog.conf5, and perhaps check @@ -22851,8 +22867,8 @@ Shelmerg dc-slip sl-helmer 0xfffffc00 autocomp Kernel Configuration FreeBSD's default kernels usually come with two SLIP - interfaces defined (sl0 and - sl1); you can use netstat -i to see whether these interfaces + interfaces defined (sl0 and + sl1); you can use netstat -i to see whether these interfaces are defined in your kernel. Sample output from netstat -i: @@ -22882,8 +22898,7 @@ sl1* 296 <Link> 0 0 0 0 you want your FreeBSD SLIP Server to act as a router, you will have to edit the /etc/rc.conf file (called /etc/sysconfig in FreeBSD releases prior to - 2.2.2) and change the setting of the gateway variable to . + 2.2.2) and change the setting of the gateway variable to . If you have an older system which predates even the /etc/sysconfig file, then add the following command: 
@@ -22904,7 +22919,7 @@ sysctl -w net.inet.ip.forwarding = 1 pseudo-device sl 2 - which is the line that defines the number of SLIP devices + This is the line that defines the number of SLIP devices available in the kernel; the number at the end of the line is the maximum number of SLIP connections that may be operating simultaneously. @@ -22937,7 +22952,7 @@ pseudo-device sl 2 /etc/sliphome/slip.hosts contains lines which have at least four items, separated by whitespace: - + @@ -22958,7 +22973,7 @@ pseudo-device sl 2 - + The local and remote addresses may be host names (resolved to IP addresses by /etc/hosts or by the @@ -22979,39 +22994,38 @@ Shelmerg dc-slip sl-helmerg 0xfffffc00 autocomp At the end of the line is one or more of the options. - + - normal - no header + - no header compression - compress - compress + - compress headers - autocomp - compress + - compress headers if the remote end allows it - noicmp - disable ICMP + - disable ICMP packets (so any ping packets will be dropped instead of using up your bandwidth) - + Note that sliplogin under early releases of FreeBSD 2 ignored the options that FreeBSD 1.x - recognized, so the options normal, - compress, autocomp, and noicmp had no effect until support was + recognized, so the options , + , , and + had no effect until support was added in FreeBSD 2.2 (unless your slip.login script included code to make use of the flags). @@ -23066,7 +23080,7 @@ Shelmerg dc-slip sl-helmerg 0xfffffc00 autocomp /sbin/ifconfig sl$1 inet $4 $5 netmask $6 - This slip.login file merely ifconfig's + This slip.login file merely ifconfig's the appropriate SLIP interface with the local and remote addresses and network mask of the SLIP interface. 
@@ -23111,7 +23125,7 @@ Shelmerg dc-slip sl-helmerg 0xfffffc00 autocomp - which indicates that this particular system's Ethernet MAC + This indicates that this particular system's Ethernet MAC address is 00:02:c1:28:5f:4a -- the periods in the Ethernet MAC address given by netstat -i must be changed to colons and @@ -23216,7 +23230,7 @@ Shelmerg dc-slip sl-helmerg 0xfffffc00 autocomp - Running gated + Running <command>gated</command> An alternative to the headaches of static routes is to install gated on your FreeBSD SLIP @@ -23255,7 +23269,7 @@ kernel { export proto rip interface ed { proto direct { - xxx.xxx.yy mask 255.255.252.0 metric 1; # SLIP connections + xxx.xxx.yy mask 255.255.252.0 metric 1; # SLIP connections } ; } ; @@ -23269,15 +23283,15 @@ import proto rip interface ed { The above sample gated.conf file broadcasts routing information regarding the SLIP subnet - xxx.xxx.yy via RIP onto the + xxx.xxx.yy via RIP onto the Ethernet; if you are using a different Ethernet driver than the - ed driver, you will need to change - the references to the ed interface + ed driver, you will need to change + the references to the ed interface appropriately. This sample file also sets up tracing to /var/tmp/gated.output for debugging gated's activity; you can certainly turn off the tracing options if gated works OK for you. You will need to - change the xxx.xxx.yy's into the + change the xxx.xxx.yy's into the network address of your own SLIP subnet (be sure to change the net mask in the proto direct clause as well). @@ -23298,7 +23312,7 @@ import proto rip interface ed { Thanks to these people for comments and advice regarding this tutorial: - + &a.wilko; @@ -23309,12 +23323,12 @@ import proto rip interface ed { Piero Serini - <Piero@Strider.Inet.IT> + Piero@Strider.Inet.IT - + 
@@ -23334,8 +23348,7 @@ import proto rip interface ed { For one machine to be able to find another, there must be a mechanism in place to describe how to get from one to the other. This is called Routing. A route is a defined pair of addresses: - a destination and a gateway. The pair indicates that if you are + a destination and a gateway. The pair indicates that if you are trying to get to this destination, send along through this gateway. There are three types of destinations: individual hosts, subnets, and default. The @@ -23369,18 +23382,18 @@ host2.foobar.com link#1 UC 0 0 The first two lines specify the default route (which we will cover in the next section) and the localhost route. - The interface (Netif column) - that it specifies to use for localhost is lo0, also known as the loopback device. This + The interface (Netif column) + that it specifies to use for localhost is + lo0, also known as the loopback device. This says to keep all traffic for this destination internal, rather than sending it out over the LAN, since it will only end up back where it started anyway. The next thing that stands out are the 0:e0:... addresses. These are ethernet hardware addresses. FreeBSD will automatically identify any hosts - (test0 in the example) on the local + (test0 in the example) on the local ethernet and add a route for that host, directly to it over the - ethernet interface, ed0. There is + ethernet interface, ed0. There is also a timeout (Expire column) associated with this type of route, which is used if we fail to hear from the host in a specific amount of time. In this case the 
@@ -23406,13 +23419,13 @@ host2.foobar.com link#1 UC 0 0 The host1 line refers to our host, which it knows by ethernet address. Since we are the sending host, FreeBSD knows to use the loopback interface - (lo0) rather than sending it out + (lo0) rather than sending it out over the ethernet interface. The two host2 lines are an example of what happens when we use an ifconfig alias (see the section of ethernet for reasons why we would do this). The - => symbol after the lo0 interface says that not only are we + => symbol after the lo0 interface says that not only are we using the loopback (since this is address also refers to the local host), but specifically it is an alias. Such routes only show up on the host that supports the alias; all other hosts on the local 
@@ -23426,69 +23439,58 @@ host2.foobar.com link#1 UC 0 0 that are described in the column. Below is a short table of some of these flags and their meanings: - - - U - - Up: The route is - active. - - - - H + + + + + + U + Up: The route is active. + - - Host: The route - destination is a single host. - - + + H + Host: The route destination is a single host. + - G - - - Gateway: Send anything + + G + Gateway: Send anything for this destination on to this remote system, which will - figure out from there where to send it. - - + figure out from there where to send it. + - S - - - Static: This route was + + S + Static: This route was configured manually, not automatically generated by the - system. - - + system. + - C - - - Clone: Generates a new + + C + Clone: Generates a new route based upon this route for machines we connect to. This type of route is normally used for local - networks. - - + networks. + - W - - - WasCloned Indicated a + + W + WasCloned: Indicated a route that was auto-configured based upon a local area - network (Clone) route. - - + network (Clone) route. + - L - - - Link: Route involves - references to ethernet hardware. - - - - + + L + Link: Route involves + references to ethernet hardware. + + + + + @@ -23502,7 +23504,7 @@ host2.foobar.com link#1 UC 0 0 connect along that interface. If all known paths fail, the system has one last option: the - default route. This route is a + default route. This route is a special type of gateway route (usually the only one present in the system), and is always marked with a c in the flags field. For hosts on a local area network, this gateway is set to whatever machine has a 
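Review bot: In the last hunk on this line (@@ -23502,7 +23504,7 @@) the context sentence says the default route is "always marked with a c in the flags field", yet the flag table rebuilt in the previous hunk lists only an uppercase C (Clone) and has no entry for a lowercase c. A reader cannot tell whether c is a separate flag or a slip for one of the listed ones. Either add a row for it to the table or reword the sentence so that it names a flag the table defines.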
@@ -23688,21 +23690,21 @@ Local1 (10.20.30.1, 10.9.9.30) --> T1-GW (10.9.9.1) Though the correct solution is to get a higher performance and capacity Ethernet adapter for the FreeBSD system, there is a simple workaround that will allow satisfactory operation. If the FreeBSD - system is the SERVER, include the option on the mount from - the client. If the FreeBSD system is the CLIENT, then mount the NFS + system is the server, include the option on the mount from + the client. If the FreeBSD system is the client, then mount the NFS file system with the option . These options may be - specified using the fourth field of the fstab entry on the client + specified using the fourth field of the fstab entry on the client for automatic mounts, or by using the parameter of the mount command for manual mounts. It should be noted that there is a different problem, sometimes mistaken for this one, when the NFS servers and clients are on - different networks. If that is the case, make CERTAIN that your + different networks. If that is the case, make certain that your routers are routing the necessary UDP information, or you will not get anywhere, no matter what else you are doing. - In the following examples, "fastws" is the host (interface) name - of a high-performance workstation, and "freebox" is the host + In the following examples, fastws is the host (interface) name + of a high-performance workstation, and freebox is the host (interface) name of a FreeBSD system with a lower-performance Ethernet adapter. Also, /sharedfs will be the exported NFS filesystem (see man exports), and /project will be the mount 
@@ -23710,27 +23712,27 @@ Local1 (10.20.30.1, 10.9.9.30) --> T1-GW (10.9.9.1) note that additional options, such as or and may be desirable in your application. - Examples for the FreeBSD system ("freebox") as the client: in + Examples for the FreeBSD system (freebox) as the client: in /etc/fstab on freebox: fastws:/sharedfs /project nfs rw,-r=1024 0 0 - as a manual mount command on freebox: + as a manual mount command on freebox: &prompt.root; mount -t nfs -o -r=1024 fastws:/sharedfs /project Examples for the FreeBSD system as the server: in - /etc/fstab on fastws: + /etc/fstab on fastws: freebox:/sharedfs /project nfs rw,-w=1024 0 0 - as a manual mount command on fastws: + as a manual mount command on fastws: &prompt.root; mount -t nfs -o -w=1024 freebox:/sharedfs /project @@ -23745,7 +23747,7 @@ freebox:/sharedfs /project nfs rw,-w=1024 0 0 smaller sizes). Since the maximum Ethernet packet is around 1500 bytes, the NFS block gets split into multiple Ethernet packets, even though it is still a single unit to the upper-level code, and - must be received, assembled, and ACKNOWLEDGED as a unit. The + must be received, assembled, and acknowledged as a unit. The high-performance workstations can pump out the packets which comprise the NFS unit one right after the other, just as close together as the standard allows. On the smaller, lower capacity @@ -23763,7 +23765,7 @@ freebox:/sharedfs /project nfs rw,-w=1024 0 0 Overruns may still occur when a high-performance workstations is slamming data out to a PC system, but with the better cards, such - overruns are not guaranteed on NFS "units". When an overrun occurs, + overruns are not guaranteed on NFS units. When an overrun occurs, the units affected will be retransmitted, and there will be a fair chance that they will be received, assembled, and acknowledged. 
@@ -23775,7 +23777,7 @@ freebox:/sharedfs /project nfs rw,-w=1024 0 0 Contributed by &a.martin;. - netboot.com/netboot.rom allow you to boot + netboot.com/netboot.rom allow you to boot your FreeBSD machine over the network and run FreeBSD without having a disk on your client. Under 2.0 it is now possible to have local swap. Swapping over NFS is also still supported. @@ -23788,14 +23790,15 @@ freebox:/sharedfs /project nfs rw,-w=1024 0 0 Setup Instructions - - + + - + Find a machine that will be your server. This machine will require enough disk space to hold the FreeBSD 2.0 binaries and have bootp, tftp and NFS services available. - Tested machines: + Tested machines: + @@ -23811,11 +23814,11 @@ freebox:/sharedfs /project nfs rw,-w=1024 0 0 - + - + Set up a bootp server to provide the client with IP, - gateway, netmask. + gateway, netmask. diskless:\ 
@@ -23827,88 +23830,155 @@ diskless:\ :ip=192.1.2.4:\ :gw=192.1.2.5:\ :vm=rfc1048: - - + + - + Set up a TFTP server (on same machine as bootp server) to provide booting information to client. The name of this - file is cfg.X.X.X.X (or - /tftpboot/cfg.X.X.X.X, it will try - both) where X.X.X.X is the IP address + file is cfg.X.X.X.X (or + /tftpboot/cfg.X.X.X.X, it will try + both) where X.X.X.X is the IP address of the client. The contents of this file can be any valid netboot commands. Under 2.0, netboot has the following - commands: + commands: - -help - print help list -ip <X.X.X.X> - print/set client's IP address -server <X.X.X.X> - print/set bootp/tftp server address -netmask <X.X.X.X> - print/set netmask -hostname <name> - print/set hostname -kernel <name> - print/set kernel name -rootfs <ip:/fs> - print/set root filesystem -swapfs <ip:/fs> - print/set swap filesystem -swapsize <size> - set diskless swapsize in Kbytes -diskboot - boot from disk -autoboot - continue boot process -trans <on|off> - turn transceiver on|off -flags [bcdhsv] - set boot flags - A typical completely diskless cfg file - might contain: + + + + + help + print help list + + + + ip + print/set client's IP address + + + + server + print/set bootp/tftp server address + + + + netmask + print/set netmask + + + + hostname name + print/set hostname + + + + kernel + print/set kernel name + + + + rootfs + print/set root filesystem + + + + swapfs + print/set swap filesystem + + + + swapsize + set diskless swapsize in Kbytes + + + + diskboot + boot from disk + + + + autoboot + continue boot process + + + + trans + | + turn transceiver on|off + + + + flags + + set boot flags + + + + + + A typical completely diskless cfg file + might contain: rootfs 192.1.2.3:/rootfs/myclient swapfs 192.1.2.3:/swapfs swapsize 20000 hostname myclient.mydomain - A cfg file for a machine with local swap - might contain: + + + A cfg file for a machine with local swap + might contain: rootfs 192.1.2.3:/rootfs/myclient 
hostname myclient.mydomain - - + + - + Ensure that your NFS server has exported the root (and swap if applicable) filesystems to your client, and that the client has root access to these filesystems A typical /etc/exports file on FreeBSD might look - like: + like: /rootfs/myclient -maproot=0:0 myclient.mydomain /swapfs -maproot=0:0 myclient.mydomain - And on HP-UX: + + + And on HP-UX: /rootfs/myclient -root=myclient.mydomain /swapfs -root=myclient.mydomain - - + + - + If you are swapping over NFS (completely diskless configuration) create a swap file for your client using dd. If your swapfs command has the arguments /swapfs and the size 20000 as in the example above, the swapfile for myclient will be called - /swapfs/swap.X.X.X.X where - X.X.X.X is the client's IP addr, eg: + /swapfs/swap.X.X.X.X where + X.X.X.X is the client's IP addr, eg: + &prompt.root; dd if=/dev/zero of=/swapfs/swap.192.1.2.4 bs=1k count=20000 - Also, the client's swap space might + + + Also, the client's swap space might contain sensitive information once swapping starts, so make sure to restrict read and write access to this file to - prevent unauthorized access: + prevent unauthorized access: + &prompt.root; chmod 0600 /swapfs/swap.192.1.2.4 - - + + - + Unpack the root filesystem in the directory the client will use for its root filesystem (/rootfs/myclient in the example @@ -23937,16 +24007,16 @@ hostname myclient.mydomain - + - - Run netboot.com on the client or + + Run netboot.com on the client or make an EPROM from the netboot.rom file - + - - + + @@ -23984,7 +24054,8 @@ hostname myclient.mydomain is Dan Kegel's ISDN Page. - A quick simple roadmap to ISDN follows: + A quick simple roadmap to ISDN follows: + @@ -24007,7 +24078,6 @@ hostname myclient.mydomain - Cost is a significant factor in determining what solution you will choose. The following options are listed from least expensive 
@@ -24042,7 +24112,8 @@ hostname myclient.mydomain source can be found on the above mentioned ftp server under directory isdn as file bisdn-097.tar.gz. - There are drivers for the following cards: + There are drivers for the following cards: + @@ -24055,13 +24126,12 @@ hostname myclient.mydomain - There are several limitations with the bisdn stuff. Specifically the following features usually associated with ISDN are not supported. - + @@ -24086,13 +24156,16 @@ hostname myclient.mydomain - + A majordomo maintained mailing list is available. To join the list, send mail to &a.majordomo; and specify: + subscribe freebsd-isdn - In the body + + + in the body of your message. @@ -24218,7 +24291,8 @@ subscribe freebsd-isdn network to a head office network the following setup could be used. - Branch office or Home network + + Branch office or Home network Network is 10 Base T Ethernet. Connect router to network cable with AUI/10BT transceiver, if necessary. @@ -24239,10 +24313,12 @@ ISDN BRI line If your home/branch office is only one computer you can use a twisted pair crossover cable to connect to the standalone router directly. + - Head office or other lan + + Head office or other lan - Network is Twisted Pair Ethernet. + Network is Twisted Pair Ethernet. @@ -24257,11 +24333,12 @@ ISDN BRI line |___---Standalone router | ISDN BRI line - + + One large advantage of most routers/bridges is that they allow - you to have 2 SEPARATE INDEPENDENT PPP connections to 2 separate - sites at the SAME time. This is not supported on most TA's, + you to have 2 separate independent PPP connections to 2 separate + sites at the same time. This is not supported on most TA's, except for specific(expensive) models that have two serial ports. Do not confuse this with channel bonding, MPP etc. 
@@ -24295,16 +24372,14 @@ ISDN BRI line Some parts of E-Mail configuration are controlled in the Domain Name System (DNS). If you are going to run your own own DNS server - check out /etc/namedb - and ' man -k named - ' for more information. + check out /etc/namedb and man -k named for more information. Basic Information These are the major programs involved in an E-Mail exchange. A - mailhost is a server that is + mailhost is a server that is responsible for delivering and receiving all email for your host, and possibly your network. @@ -24312,10 +24387,10 @@ ISDN BRI line User program - This is a program like elm, pine, - mail , or something more sophisticated like a WWW + This is a program like elm, pine, + mail, or something more sophisticated like a WWW browser. This program will simply pass off all e-mail - transactions to the local mailhost , + transactions to the local mailhost , either by calling sendmail or delivering it over TCP. @@ -24324,8 +24399,8 @@ ISDN BRI line Mailhost Server Daemon - Usually this program is sendmail or - smail running in the background. Turn it off or + Usually this program is sendmail or + smail running in the background. Turn it off or change the command line options in /etc/rc.conf (or, prior to FreeBSD 2.2.2, /etc/sysconfig). It is best to leave it on, @@ -24337,12 +24412,11 @@ ISDN BRI line secure site. Some versions of sendmail have known security problems. - sendmail - does two jobs. It looks after delivering + sendmail does two jobs. It looks after delivering and receiving mail. - If sendmail - needs to deliver mail off your site it will look up in + If sendmail + needs to deliver mail off your site it will look up in the DNS to determine the actual host that will receive mail for the destination. 
@@ -24355,11 +24429,11 @@ ISDN BRI line DNS - Name Service - The Domain Name System and its daemon named , contain the database mapping + The Domain Name System and its daemon named, contain the database mapping hostname to IP address, and hostname to mailhost. The IP address - is specified in an A record. The MX record specifies the + is specified in an A record. The MX record specifies the mailhost that will receive mail for you. If you do not have a - MX record mail for your hostname, the mail will be delivered to + MX record mail for your hostname, the mail will be delivered to your host directly. Unless you are running your own DNS server, you will not be @@ -24373,25 +24447,25 @@ ISDN BRI line This program gets the mail from your mailbox and gives it to your browser. If you want to run a POP server on your computer, - you will need to do 2 things. - + you will need to do 2 things. + + - + Get pop software from the Ports collection that can be found in /usr/ports or packages collection. This handbook section has a complete reference on the system. - + - - Modify /etc/inetd.conf + + Modify /etc/inetd.conf to load the POP server. - + - + The pop program will have instructions with it. Read 
@@ -24412,28 +24486,35 @@ ISDN BRI line /etc/resolv.conf setup or are running a name server. If you want to have mail for your host delivered to your specific host,there are two methods: - - - Run a name server ( man -k - named ) and have your own domain + + + + Run a name server (man -k named) and have your own domain smallminingco.com - - - Get mail delivered to the current DNS name for your host. + + + + Get mail delivered to the current DNS name for your host. Ie: dorm6.ahouse.school.edu + + No matter what option you choose, to have mail delivered directly to your host, you must be a full Internet host. You must have a permanent IP address. IE: NO dynamic PPP. If you are behind a firewall, the firewall must be passing on smtp traffic to - you. From /etc/services + you. From /etc/services: smtp 25/tcp mail #Simple Mail Transfer - If you + + + If you want to receive mail at your host itself, you must make sure that the DNS MX entry points to your host address, or there is no MX entry for your DNS name. - Try this + Try this: &prompt.root; hostname @@ -24444,18 +24525,19 @@ newbsdbox.freebsd.org has address 204.216.27.xx If that is all that comes out for your machine, mail directory - to root@newbsdbox.freebsd.org + to root@newbsdbox.freebsd.org will work no problems. - If instead, you have this + If instead, you have this: &prompt.root; host newbsdbox.freebsd.org newbsdbox.FreeBSD.org has address 204.216.27.xx newbsdbox.FreeBSD.org mail is handled (pri=10) by freefall.FreeBSD.org - All mail sent to your host - directly will end up on freefall, under the same username. + + + All mail sent to your host + directly will end up on freefall, under the same username. This information is setup in your domain name server. This should be the same host that is listed as your primary nameserver 
@@ -24466,7 +24548,7 @@ newbsdbox.FreeBSD.org mail is handled (pri=10) by freefall.FreeBSD.org delivered directly to the host by way of the Address record. - The MX entry for freefall.freebsd.org at one time. + The MX entry for freefall.freebsd.org at one time. freefall MX 30 mail.crl.net @@ -24476,19 +24558,18 @@ freefall MX 10 freefall.FreeBSD.org freefall MX 20 who.cdrom.com freefall A 204.216.27.xx freefall CNAME www.FreeBSD.org - + - Freefall has many MX entries. The lowest MX number gets the + freefall has many MX entries. The lowest MX number gets the mail in the end. The others will queue mail temporarily, if - freefall is busy or down. + freefall is busy or down. Alternate MX sites should have separate connections to the Internet, to be most useful. An Internet Provider or other friendly site can provide this service. - dig, nslookup, - and - host are your friends. + dig, nslookup, + and host are your friends. @@ -24498,16 +24579,16 @@ freefall CNAME www.FreeBSD.org To setup up a network mailhost, you need to direct the mail from arriving at all the workstations. In other words, you want to - hijack all mail for *.smallminingco.com - and divert it to one machine, your mailhost. + hijack all mail for *.smallminingco.com + and divert it to one machine, your mailhost. The network users on their workstations will most likely pick up their mail over POP or telnet. - A user account with the SAME USERNAME should exist on both + A user account with the same username should exist on both machines. Please use adduser to do - this as required. If you set the shell to /nonexistent + this as required. If you set the shell to + /nonexistent the user will not be allowed to login. The mailhost that you will be using must be designated the 
@@ -24515,12 +24596,12 @@ freefall CNAME www.FreeBSD.org (ie BIND, named). Please refer to a Networking book for in-depth information. - You basically need to add these lines in your DNS server. + You basically need to add these lines in your DNS server. -pc24.smallminingco.com A xxx.xxx.xxx.xxx ; Workstation ip +pc24.smallminingco.com A xxx.xxx.xxx.xxx ; Workstation ip MX 10 smtp.smallminingco.com ; Your mailhost - + You cannot do this yourself unless you are running a DNS server. If you do not want to run a DNS server, get somebody else 
@@ -24536,26 +24617,26 @@ pc24.smallminingco.com A xxx.xxx.xxx.xxx ; Workstation ip I have a customer with domain foo.bar and I want all mail for foo.bar to be sent to my machine smtp.smalliap.com. You must make - an entry in your DNS server like: + an entry in your DNS server like: foo.bar MX 10 smtp.smalliap.com ; your mailhost - The A record is not needed if you only - want E-Mail for the domain. IE: Don't expect ping foo.bar + + + The A record is not needed if you only + want E-Mail for the domain. IE: Don't expect ping foo.bar to work unless an Address record for foo.bar exists as well. On the mailhost that actually accepts mail for final delivery - to a mailbox, sendmail must be told what hosts it will be + to a mailbox, sendmail must be told what hosts it will be accepting mail for. - Add pc24.smallminingco.com to /etc/sendmail.cw (if you are - using FEATURE(use_cw_file)), or add a "Cw myhost.smalliap.com" - line to /etc/sendmail.cf + Add pc24.smallminingco.com to /etc/sendmail.cw (if you are + using FEATURE(use_cw_file)), or add a Cw myhost.smalliap.com + line to /etc/sendmail.cf - If you plan on doing anything serious with sendmail you should install the sendmail + If you plan on doing anything serious with sendmail you should install the sendmail source. The source has plenty of documentation with it. You will find information on getting sendmail source from + The sendmail FAQ is in /usr/src/usr.sbin/sendmail and is recommended 
@@ -24816,23 +24898,25 @@ bigco.com. MX 10 bigco.com. Cw bigco.com in /etc/sendmail.cf on bigco.com). - When the senders sendmail is trying to deliver the mail it + When the senders sendmail is trying to deliver the mail it will try to connect to you over the modem link. It will most - likely time out because you are not online. Sendmail will + likely time out because you are not online. sendmail will automatically deliver it to the secondary MX site, ie your Internet provider. The secondary MX site will try every (sendmail_flags = "-bd -q15m" in /etc/rc.conf ) 15 minutes to connect to your host to deliver the mail to the primary MX site. - You might wat to use something like this as a login script. + You might wat to use something like this as a login script. #!/bin/sh # Put me in /usr/local/bin/pppbigco ( sleep 60 ; /usr/sbin/sendmail -q ) & /usr/sbin/ppp -direct pppbigco - If you are going to create a separate + + + If you are going to create a separate login script for a user you could use sendmail -qRbigco.com instead in the script above. This will force all mail in your queue for bigco.com to be processed @@ -28093,7 +28177,7 @@ THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # Date created: 5 December 1994 # Whom: asami # -# $Id: book.sgml,v 1.40 1998-10-21 22:05:23 nik Exp $ +# $Id: book.sgml,v 1.41 1998-10-22 23:03:01 nik Exp $ # DISTNAME= oneko-1.1b
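Review bot: In the @@ -23763,7 +23765,7 @@ hunk the context line just above the changed one still reads "when a high-performance workstations is slamming data out", which mixes singular and plural. Since the paragraph is being touched for the quote cleanup on "NFS units", make it "a high-performance workstation is" in the same change.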
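Review bot: The rewritten netboot command list in the @@ -23827,88 +23830,155 @@ hunk no longer shows the arguments the removed lines had. The old entries "ip <X.X.X.X>", "rootfs <ip:/fs>", "swapsize <size>", "trans <on|off>" and "flags [bcdhsv]" appear in the added lines as bare "ip", "rootfs", "swapsize", "trans" followed by a lone "|", and "flags", while "hostname name" keeps its argument. Please confirm each new entry carries the same argument as the line it replaces, so a reader can still tell which commands take an address, a size or a flag set. In the same hunk, the context sentence "the client has root access to these filesystems A typical /etc/exports file" is missing its full stop.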
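Review bot: The context line at the top of the @@ -24295,16 +24372,14 @@ hunk has a doubled word, "run your own own DNS server", directly before the line this change rewrites. Drop the second "own" while the sentence is being reflowed.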
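Review bot: Two sentences in the @@ -24355,11 +24429,11 @@ hunk still read badly after the rewrite. The added line "The Domain Name System and its daemon named, contain the database mapping" has a stray comma between subject and verb, and "If you do not have a MX record mail for your hostname, the mail will be delivered" has the words out of order. Suggest "and its daemon named contain" and "If you do not have an MX record for your hostname, the mail will be delivered to your host directly".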
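Review bot: The @@ -24412,28 +24486,35 @@ hunk keeps the capitalised emphasis in "IE: NO dynamic PPP", although the same patch lowers it elsewhere ("SAME USERNAME" to "same username", "ACKNOWLEDGED" to "acknowledged"). Treat this line the same way for consistency. The hunk also mixes "Ie:" and "IE:" and has no space after the comma in "your specific host,there are two methods".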
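Review bot: In the @@ -24444,18 +24525,19 @@ hunk the context line ends with "mail directory" just before the changed line "to root@newbsdbox.freebsd.org", which reads as a typo for "mail directly to". Fix it in this pass, and consider "will work without problems" for "will work no problems".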
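Review bot: The zone excerpt kept as context at the top of the @@ -24476,19 +24558,18 @@ hunk lists "freefall CNAME www.FreeBSD.org" alongside "freefall A 204.216.27.xx" and the freefall MX lines. A name that owns a CNAME record cannot carry other record types, so the excerpt as shown is not a loadable zone, and readers copy these examples. Since the surrounding paragraph is being revised, either drop the CNAME line or note that the excerpt is illustrative only.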
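Review bot: The first context line of the @@ -24498,16 +24579,16 @@ hunk reads "To setup up a network mailhost, you need to direct the mail from arriving at all the workstations", which has a doubled "up" and says "direct" where the next sentence ("divert it to one machine") shows "divert" is meant. Suggest "To set up a network mailhost, you need to divert the mail from arriving at the individual workstations".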
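Review bot: The two alternatives in the rewritten paragraph of the @@ -24536,26 +24617,26 @@ hunk name different hosts: "Add pc24.smallminingco.com to /etc/sendmail.cw" versus "add a Cw myhost.smalliap.com line to /etc/sendmail.cf", while the MX example a few lines earlier uses foo.bar and smtp.smalliap.com. Both alternatives configure the same thing, so use the same name in each, otherwise it is unclear which hostname sendmail has to be told to accept. The sentence ending "/etc/sendmail.cf" also lacks a full stop, and "information on getting sendmail source from" runs straight into "The sendmail FAQ is in" with nothing after "from" in the lines shown.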
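Review bot: The added line "You might wat to use something like this as a login script." in the @@ -24816,23 +24898,25 @@ hunk carries the typo "wat" over from the removed line; change it to "want" now that the line is being rewritten. The added line "When the senders sendmail is trying to deliver the mail" likewise needs an apostrophe ("sender's"), and the context sentence "will try every (sendmail_flags = "-bd -q15m" in /etc/rc.conf ) 15 minutes" would read better with the parenthetical moved after "15 minutes".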