Hello ppp developers,
I installed ppp version 2.3.10. The previous version was 2.3.7.
Version 2.3.7 sometimes hangs my SMP machine when the modem hangs
up so I upgraded.
Security has been added which appears to make it useless if
the connecting machine already has an IP address and is already known
to the server. I cannot find any way to turn the new "feature" OFF.
It is ON by default which breaks everything.
Here, ppp is not used to directly connect to an ISP. Instead, the
ISP is one of several Linux machines at work. This company has wide
area calling, so what may be long-distance for engineering employees
from their homes is, in fact, a free call if the calling direction
is reversed.
Therefore, an engineer calls a number (on his nickel), the modem
answers and the engineer logs in as 'callback'. The callback program
asks for the engineer's name and hangs up. If the caller's name is
in a file, the callback program then calls the engineer back. The
engineer, or a program, answers the modem then logs in with his
real name and password. After this, the ppp daemon is executed on
both ends. Various shell-scripts (ip-up, ip-down, etc), set up
default routes, etc.
This has worked for several years. The new pppd has broken this
capability.
Here is the log of such activity where the ppp daemon has decided
that the existing remote IP address should not be used for some
alleged breach of security. Note the callback program runs as root
and pppd was started by root. It damn-well should be able to do
anything it wants.
Oct 19 19:48:24 quark login: DIALUP ttyS0, callback
Oct 19 19:48:56 quark login: DIALUP ttyS0, root
Oct 19 19:48:56 quark login: ROOT LOGIN ON ttyS0
Oct 19 19:48:58 quark pppd[3266]: pppd 2.3.10 started by root, uid 0
Oct 19 19:48:58 quark pppd[3266]: Using interface ppp0
Oct 19 19:48:58 quark pppd[3266]: Connect: ppp0 <--> /dev/ttyS0
Oct 19 19:48:58 quark pppd[3266]: found interface eth0 for proxy arp
Oct 19 19:48:58 quark pppd[3266]: local IP address 204.178.40.236
Oct 19 19:48:58 quark pppd[3266]: remote IP address 204.178.40.100
Oct 19 19:48:58 quark pppd[3266]: IPCP terminated by peer
(Unauthorized remote IP address)
Oct 19 19:48:58 quark pppd[3266]: LCP terminated by peer
(No network protocols running)
Oct 19 19:49:00 quark pppd[3266]: Hangup (SIGHUP)
Oct 19 19:49:00 quark pppd[3266]: Modem hangup
Oct 19 19:49:00 quark pppd[3266]: Connection terminated.
Oct 19 19:49:00 quark pppd[3266]: Connect time 0.0 minutes.
Oct 19 19:49:00 quark pppd[3266]: Sent 177 bytes, received 219 bytes.
Oct 19 19:49:00 quark pppd[3266]: Exit.
This is /etc/ppp/options (with all the diferent things I have tried).
proxyarp
crtscts
# asyncmap 00000000
# 204.178.40.236:204.178.40.100
# 204.178.40.100:204.178.40.236
# 204.178.40.100
# 204.178.40.236
allow-ip *
A similar one exists on the remote end with the ip addresses reversed
of course.
The ppp daemon is not expected (nor is it allowed) to change the IP
address of the connection. These IP addresses are fixed and known
to our DNS. It looks as though ppp has decided that a "remote" address
is not allowed because a "local" one of the same value exists. I
spent seven hours last night, running up a $100+ long - distance
phone bill, attempting to make the new pppd work like the old one.
To return ppp to a useful state, this new feature has to be turned
OFF. How do I do this without modifying the source?
I am not on this list. Please c.c. me directly.
Cheers,
Dick Johnson
Penguin : Linux version 2.3.13 on an i686 machine (400.59 BogoMips).
Warning : It's hard to remain at the trailing edge of technology.
-
To unsubscribe from this list: send the line "unsubscribe linux-ppp" in
the body of a message to [EMAIL PROTECTED]
