JD wrote:
Regarding the following issue with ppp0 idle command failing ...
On 2003-10-07 21:50:29, Jeff Newmiller wrote:
On Wed, 8 Oct 2003, Michelle Konzack wrote:
Hello all,
If I set the idle to 30~80 seconds, all is working fine.
But more gives me no timeout on ppp0. Why?
Your link is probably being kept active by inbound traffic from the
internet. I had the same issue. I was "normally" able to get a proper
disconnect with a short idle timeout [like 30-60 seconds]. But with my
desired timeout of 600 seconds - inbound traffic from the internet would
reset the pppd timer and keep the link active forever.
[...]
I would like to have an 'IDLE 300' but this will never disconnect...
I tried Bering with the 'active-filter' for two weeks and
it does not work. There is no incoming and no outgoing traffic,
and Bering does not disconnect after 300 seconds.
Are you sure that there is no inbound traffic???
What I found was inbound pings [ICMP] and other unwanted traffic from the
net was resetting my timer. I found that using the following command
'pppstats -w 30' worked well to identify that in fact traffic was coming
from the net [note 30 is the number of seconds between stat updates].
While pppstats was updating my screen - I was able to see inbound bytes
incrementing. Shorewall would drop the packet, but pppd saw it as valid
traffic.
I finally pulled the tcpdump.lrp to my FW to watch the traffic that was
inbound. What I found was MS share requests, pings, and other traffic was
keeping my ppp0 interface active.
I pulled down the pppd with the filter enabled and replaced my default pppd
file. I added the following to my /etc/ppp/options file ...
active-filter 'not(icmp[0]=0 or icmp[0]=3 or icmp[0]=8 or port 135 or port 137 or port 139 or port 445)'
which has solved my problem. The format is the same as the tcpdump
expression. I did not find too much helpful information on the net about
the syntax - but was able to filter icmp's - and test it with tcpdump.
Later I added the port 135-139 & 445 because I continued to see M$ junk
hitting my FW.
I have set up a dial out Bering firewall in a small office. Recently I
noticed that it often fails to hang up the modem even when all machines
on the internal network have been turned off for long past the timeout
value. Possibly this is because of the increased number of worms
hammering on the outside. I replaced pppd with the active-filter
version but had not researched how to implement it. I shall try your
active-filter line in /etc/ppp/options. Thanks very much for your post
and I hope this solves the "no hang up" modem problem.
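
Added example, not part of the original posts and not code from pppd or LEAF: a small Python model of how the active-filter expression quoted above classifies inbound IPv4 packets, to show which traffic still resets the idle timer. The packet builder, the sample packets and all function names are constructed for illustration; only IPv4 with ICMP, TCP and UDP is modelled.

```python
import struct

# ICMP types and ports named in the active-filter line from the post
IGNORED_ICMP_TYPES = {0, 3, 8}      # echo reply, destination unreachable, echo request
IGNORED_PORTS = {135, 137, 139, 445}
ICMP, TCP, UDP = 1, 6, 17           # IP protocol numbers

def counts_as_activity(packet: bytes) -> bool:
    """True if this raw IPv4 packet matches the filter, i.e. resets the idle timer."""
    ihl = (packet[0] & 0x0F) * 4                     # IP header length in bytes
    frag_offset = struct.unpack("!H", packet[6:8])[0] & 0x1FFF
    proto, payload = packet[9], packet[ihl:]
    if frag_offset != 0:
        # Later fragments carry no ICMP/TCP/UDP header, so neither icmp[0]
        # nor port can match and the outer not(...) is true.
        return True
    if proto == ICMP and payload and payload[0] in IGNORED_ICMP_TYPES:
        return False                                 # icmp[0] is the ICMP type byte
    if proto in (TCP, UDP) and len(payload) >= 4:
        sport, dport = struct.unpack("!HH", payload[:4])
        if sport in IGNORED_PORTS or dport in IGNORED_PORTS:
            return False                             # "port N" matches source or destination
    return True

def ipv4(proto: int, payload: bytes) -> bytes:
    """Constructed minimal IPv4 packet (checksum zero, documentation addresses)."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                         proto, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    return header + payload

# Constructed sample traffic, not captured data
SAMPLES = {
    "icmp echo request":  ipv4(ICMP, bytes([8, 0, 0, 0, 0, 1, 0, 1])),
    "icmp time exceeded": ipv4(ICMP, bytes([11, 0, 0, 0, 0, 0, 0, 0])),
    "tcp to port 445":    ipv4(TCP, struct.pack("!HH", 40000, 445) + bytes(16)),
    "udp from port 137":  ipv4(UDP, struct.pack("!HHHH", 137, 137, 8, 0)),
    "tcp to port 80":     ipv4(TCP, struct.pack("!HH", 40001, 80) + bytes(16)),
}

def classify_samples() -> dict:
    return {name: counts_as_activity(pkt) for name, pkt in SAMPLES.items()}

if __name__ == "__main__":
    for name, active in classify_samples().items():
        print(f"{name:20s} {'resets idle timer' if active else 'ignored'}")
```

The filter is a denylist: other unsolicited inbound traffic, such as the TCP packet to port 80 or the ICMP type 11 packet in the samples, still counts as activity even when the firewall drops it.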
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html