Lourdes A Jones <[EMAIL PROTECTED]> says:
> Ted Behling wrote:
> > I'm trying to run diald to automate my PPP connection. I
> > don't recall the exact sequence of events when I upgraded
> > from kernel 2.0.34 to 2.2.1, but it now generates the
> > following lines in /var/log/messages:
> >
> > Feb 8 15:36:22 salsa kernel: diald uses obsolete
> > (PF_INET,SOCK_PACKET)
>
> The socket call has changed in 2.2.1 but the code will continue to work.
> This is a warning/informational message. There is a patch available if you
> really want to kill this message.
>
> > Feb 8 15:36:23 salsa diald[612]: Diald is dying with code 1
It's funny Ted brings this up, because the exact same thing first
happened to me when I upgraded from 2.0.36 (and having run diald for
almost 3 years) to 2.2.0 (now 2.2.1) and diald 0.16.5, even when I
recompiled it with the new kernel. Sorry to say that 0.98.2 stil
doesn't work for me (neither did 0.98.1), with the same symptoms;
diald will actually start (I think because I compiled AF_PACKET into
the kernel instead of a module), but dctrl shows no packets when I try
to do TCP/IP stuff. I have to use the FIFO to manually start the
connection; only then dctrl shows my packets.
I am prepared to swear that I have changed nothing else on the
system. I did try upgrading to net-tools 1.50, which made no difference.
Here is my diald.conf:
# This is a pretty complicated set of filter rules.
# (These are the rules I use myself.)
#
# I've divided the rules up into four sections.
# TCP packets, UDP packets, ICMP packets and a general catch all rule
# at the end.
#------------------------------------------------------------------------------
# Rules for TCP packets.
#------------------------------------------------------------------------------
# General comments on the rule set:
#
# In general we would like to treat only data on a TCP link as
# signficant
# for timeouts. Therefore, we try to ignore packets with no data.
# Since the shortest possible set of headers in a TCP/IP packet is 40
# bytes.
# Any packet with length 40 must have no data riding in it.
# We may miss some empty packets this way (optional routing
# information
# and other extras may be present in the IP header), but we should get
# most of them. Note that we don't want to filter out packets with
# tcp.live clear, since we use them later to speedup disconnects
# on some TCP links.
#
# We also want to make sure WWW packets live even if the TCP socket
# is shut down. We do this because WWW doesn't keep connections open
# once the data has been transfered, and it would be annoying to have
# the link
# keep bouncing up and down every time you get a document.
#
# Outside of WWW the most common use of TCP is for long lived
# connections,
# that once they are gone mean we no longer need the network
# connection.
# We don't neccessarily want to wait 10 minutes for the connection
# to go down when we don't have any telnet's or rlogin's running,
# so we want to speed up the timeout on TCP connections that have
# shutdown. We do this by catching packets that do not have the live
# flag set.
# --- start of rule set proper ---
# When initiating a connection we only give the link 15 seconds
# initially.
# The idea here is to deal with possibility that the network on the
# opposite
# end of the connection is unreachable. In this case you don't really
# want to give the link 10 minutes up time. With the rule below
# we only give the link 15 seconds initially. If the network is
# reachable
# then we will normally get a response that actually contains some
# data within 15 seconds. If this causes problems because you have a
# slow
# response time at some site you want to regularly access, you can
# either
# increase the timeout or remove this rule.
accept tcp 15 tcp.syn
# Keep named xfers from holding the link up
ignore tcp tcp.dest=tcp.domain
ignore tcp tcp.source=tcp.domain
# (Ack! SCO telnet starts by sending empty SYNs and only opens the
# connection if it gets a response. Sheesh..)
accept tcp 5 ip.tot_len=40,tcp.syn
# keep empty packets from holding the link up (other than empty SYN
# packets)
ignore tcp ip.tot_len=40,tcp.live
# make sure http transfers hold the link for 2 minutes, even after
# they end.
# NOTE: Your /etc/services may not define the tcp service www, in
# which
# case you should comment out the following two lines or get a more
# up to date /etc/services file. See the FAQ for information on
# obtaining
# a new /etc/services file.
accept tcp 120 tcp.dest=tcp.www
accept tcp 120 tcp.source=tcp.www
# SSL connections are usually for secure http so treat them like http.
# NOTE: Your /etc/services may not define the tcp service ssl, in
# which
# case you should comment out the following two lines or get a more
# up to date /etc/services file. See the FAQ for information on
# obtaining
# a new /etc/services file.
keepup tcp 120 tcp.dest=tcp.ssl
keepup tcp 120 tcp.source=tcp.ssl
# Once the link is no longer live, we try to shut down the connection
# quickly. Note that if the link is already down, a state change
# will not bring it back up.
keepup tcp 5 !tcp.live
ignore tcp !tcp.live
# an ftp-data or ftp connection can be expected to show reasonably
# frequent
# traffic.
accept tcp 120 tcp.dest=tcp.ftp
accept tcp 120 tcp.source=tcp.ftp
#NOTE: ftp-data is not defined in the /etc/services file provided with
# the latest versions of NETKIT, so I've got this commented out here.
# If you want to define it add the following line to your
# /etc/services:
# ftp-data 20/tcp
# and uncomment the following two rules.
accept tcp 120 tcp.dest=tcp.ftp-data
accept tcp 120 tcp.source=tcp.ftp-data
# If we don't catch it above, give the link 10 minutes up time.
accept tcp 120 any
# Rules for UDP packets
#
# We time out domain requests right away, we just want them to bring
# the link up, not keep it around for very long.
# This is because the network will usually come up on a call
# from the resolver library (unless you have all your commonly
# used addresses in /etc/hosts, in which case you will discover
# other problems.)
# Note that you should not make the timeout shorter than the time you
# might expect your DNS server to take to respond. Otherwise
# when the initial link gets established there might be a delay
# greater than this between the initial series of packets before
# any packets that keep the link up longer pass over the link.
# Don't bring the link up for rwho.
ignore udp udp.dest=udp.who
ignore udp udp.source=udp.who
# Don't bring the link up for RIP.
ignore udp udp.dest=udp.route
ignore udp udp.source=udp.route
# Don't bring the link up for NTP or timed.
ignore udp udp.dest=udp.ntp
ignore udp udp.source=udp.ntp
ignore udp udp.dest=udp.timed
ignore udp udp.source=udp.timed
# Don't bring up on domain name requests between two running nameds.
ignore udp udp.dest=udp.domain,udp.source=udp.domain
# Bring up the network whenever we make a domain request from
# someplace
# other than named.
accept udp 30 udp.dest=udp.domain
accept udp 30 udp.source=udp.domain
# Do the same for netbios-ns broadcasts
# NOTE: your /etc/services file may not define the netbios-ns service
# in which case you should comment out the next three lines.
ignore udp udp.source=udp.netbios-ns,udp.dest=udp.netbios-ns
accept udp 30 udp.dest=udp.netbios-ns
accept udp 30 udp.source=udp.netbios-ns
# keep routed and gated transfers from holding the link up
ignore udp tcp.dest=udp.route
ignore udp tcp.source=udp.route
# Anything else gest 2 minutes.
accept udp 120 any
# Catch any packets that we didn't catch above and give the connection
# 30 seconds of live time.
accept any 30 any
# Valid modes are: slip, cslip, slip6, cslip6, aslip, ppp
mode ppp
# Used by dctrl to monitor diald
fifo "/etc/diald/diald.ctl"
# Put your addresses here
accounting-log /var/log/diald-log
buffer-packets
connect-timeout 95
crtscts
debug 0x0008
# debug 31
defaultroute
demand
device /dev/modem
died-retry-count 0
dynamic
give-way
local 127.0.0.2
# local 192.168.0.1
lock
modem
# mtu 576
# mru 576
redial-timeout 2
remote 127.0.0.3
# remote 192.168.0.2
# speed 57600
speed 115200
strict-forwarding
two-way
window 3000
# window 2304
# Exclude Checking for mail from keeping link up
# ignore tcp tcp.source=tcp.pop-2 tcp.dest=tcp.pop-2
# ignore tcp tcp.source=tcp.pop-3,tcp.dest=tcp.pop-3
# ignore tcp tcp.source=tcp.pop,tcp.dest=tcp.pop
# See /etc/diald.dial.*
include /etc/diald/diald.dial
--
<URL:http://www.columbia.edu/~ylee/>
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
