From 2c3854a1d37d26567728e5c3fa6b233ee5a4eea0 Mon Sep 17 00:00:00 2001 From: gferg <> Date: Fri, 13 Oct 2000 14:39:42 +0000 Subject: [PATCH] new entry --- LDP/howto/docbook/PortSlave.sgml | 550 +++++++++++++++++++++++++++++++ 1 file changed, 550 insertions(+) create mode 100644 LDP/howto/docbook/PortSlave.sgml diff --git a/LDP/howto/docbook/PortSlave.sgml b/LDP/howto/docbook/PortSlave.sgml new file mode 100644 index 00000000..b449bbda --- /dev/null +++ b/LDP/howto/docbook/PortSlave.sgml @@ -0,0 +1,550 @@ + + +
+ + + + + PortSlave How-To using the Linux Router + + + Tom + McKellips + +
+ tom@computechnology.com +
+
+
+ + + + v1.00 + 8 October 2000 + + + + + + I wrote this as a beginning for using Portslave with the + Linux router project. It seems that Portslave is a widely used + program with no documentation. Since I just dove into using + Portslave I am sure this document can be improved by others over + time. After several days of fighting Portslave, I figured out how + incredibly easy to use it really is. + + + +
+ + + + + + Introduction + + + Share this with all; sell it to no one. + + + +First, I just want to thank all the Linux programmers out there. Your +contributions have made a difference. I hope this small contribution +is useful to the Linux users out there. + + + +I wrote this as a beginning for using Portslave with the +Linux router project. It seems that Portslave is a widely used +program with no documentation. Since I just dove into using Portslave +I am sure this document can be improved by others over time. After +several days of fighting Portslave I figured out how incredibly easy +to use it really is. + + + +The trouble I ran into most of the time was PAP Authentication +failure. This was really tough thing to work out (I thought). I also +had a few other errors, but if you follow this How To it should at +least get you started (or start you to the insane asylum). + + + + + + Copyright Information + + + This document is copyrighted (c) 2000 Tom McKellips and is + distributed under the terms of the Linux Documentation Project + (LDP) license, stated below. + + + + Unless otherwise stated, Linux HOWTO documents are + copyrighted by their respective authors. Linux HOWTO documents may + be reproduced and distributed in whole or in part, in any medium + physical or electronic, as long as this copyright notice is + retained on all copies. Commercial redistribution is allowed and + encouraged; however, the author would like to be notified of any + such distributions. + + + + All translations, derivative works, or aggregate works + incorporating any Linux HOWTO documents must be covered under this + copyright notice. That is, you may not produce a derivative work + from a HOWTO and impose additional restrictions on its + distribution. Exceptions to these rules may be granted under + certain conditions; please contact the Linux HOWTO coordinator at + the address given below. 
+ + + + In short, we wish to promote dissemination of this + information through as many channels as possible. However, we do + wish to retain copyright on the HOWTO documents, and would like to + be notified of any plans to redistribute the HOWTOs. + + + + If you have any questions, please contact + linux-howto@metalab.unc.edu + + + + + + + Disclaimer + + + No liability for the contents of this documents can be accepted. + Use the concepts, examples and other content at your own risk. + As this is a new edition of this document, there may be errors + and inaccuracies, that may of course be damaging to your system. + Proceed with caution, and although this is highly unlikely, + the author does not take any responsibility for that. + + + + All copyrights are held by their respective owners, unless + specifically noted otherwise. Use of a term in this document + should not be regarded as affecting the validity of any trademark + or service mark. + + + + Naming of particular products or brands should not be seen + as endorsements. + + + + You are strongly recommended to take a backup of your system + before major installation and backups at regular intervals. + + + + + + + + + + + + The Procedure + + + +First, you need a running version of LRP - either build the disk yourself +or you can grab an image of mine at: + +http://www.computechnology.com/pslave1440.img +. +This is a copy of my +working disk and you can directly write an image of it to your disk. +It will get you started. All you will then have to do is change to +the appropriate IP numbers and network card drivers. I won't get into +building a lrp disk here because there seems to be fairly good +documentation on that subject available. + + + +Assuming you have your disk built, and you computer running, here is +what we need to do to configure your disk. + + + +First, DELETE (yes, I said +DELETE) all options.tty?? +files, the options file, and pap-secrets files located +under /etc/ppp-radius and +/etc/ppp. 
If you have an /etc/ppp, +you probably installed ppp.lrp. Also +remove ppp.lrp from your disk and +/etc/ppp will go away. + + + +Next, go to /etc/portslave and adjust the +pslave.conf file accordingly. I will now +take you through that file line-by-line. I don't know what all of it +means but I made it work so you can to. + + + + +# +# pslave.conf Here is the sample server configuration file. +# +# Version: 1.17 03-Nov-1998 +# + +# +# Hostname of the system. +# +# This is my routers name. Your routers name will be different + +conf.hostname hma2.cpty.net + +# +# IP address - if left empty, uses the IP address of the system (hostname). +# +# This is used as the "local" address for SLIP and PPP connections. +# This is my routers IP address yours will be different use your routers +# IP number here + +conf.ipno 10.0.0.4 + +# +# Lock directory - on FSSTND compliant systems it's /var/lock. +# +# No need to change this + +conf.lockdir /var/lock + +# +# Where to find the rlogin binary that accepts the "-i" flag. +# +# No need to change this + +conf.rlogin /usr/bin/rlogin-radius + +# +# Where to find our patched pppd that has radius linked in. +# +# No need to change this + +conf.pppd /usr/sbin/pppd-radius + +# +# Where to find telnet. This can just be the system telnet. +# +# This can stay or go + +conf.telnet /usr/bin/telnet + +# +# If you set this to "1", you can always login locally by putting a '!' +# before your loginname. Useful for emergencies when the RADIUS server is down. +# Make this either 0 or 1 as mentioned above + +conf.locallogins 1 + +# +# Logging stuff - this program can use a remote syslog daemon if needed. +# +# If you want to log locally leave the "syslog" field empty. The facility +# field is an integer between 0 and 7 and sets the syslog facility to +# local0-local7. 
+# +# For now I log local to my router that is why I do not have anything +# after syslog + +conf.syslog + +conf.facility 6 + +# +# Stripnames - if you set this to "1", leading "P", "S", "C", "L" or "!" +# characters and trailing ".slip", ".cslip" and ".ppp" strings will be +# stripped from the username before it is recorded in the system +# utmp and wtmp files (if sysutmp or syswtmp are turned on of course) +# +# No need to change this + +conf.stripnames 0 + + +## +## The all entry is used as a template for all others. This means that +## setting all.debug to 0, you set s0.debug, s1.debug, s2.debug etc. +## to 0. It also means that all these settings can be overridden on a +## per-port basis below. +## +## The "all." stuff is the default for everything unless you specifically +## override it. I'll show you that at the end of this. + + +# +# Debugging output to syslog. Set to 0 or 1. "1" is pretty verbose. +# This can be 0 or 1. I like 1 because it gives lots of info + +all.debug 1 + +# +# Authentication type - either "radius" or "none". +# +# Leave this as it is + +all.authtype radius + +# +# Authentication host and accounting host. We can have 2 of both. The +# first one is always tried three times before switching to the second one. +# They are alternately tried after that, up to maximum 10 times in total. +# Timeout is 5 seconds per query. +# +# These are the names of my RADIUS servers; name your RADIUS servers here + +all.authhost1 cody.cpty.net +all.accthost1 cody.cpty.net + +#all.authhost2 backuphost.someisp.com +#all.accthost2 backuphost.someisp.com + +# +# +# The shared secret for RADIUS. +# +# Put your shared secret here, this must match the shared secret in +# your RADIUS servers clients file for the IP number or name of this router. + +all.secret superagentman + +# +# Default protocol and host. This is for rlogin sessions. 
+# +# Just change the all.host to the IP number of your router this should +# match what you have at the top of this file + +all.protocol rlogin +all.host 10.0.0.4 + +# +# Default IP stuff. If you end the "ipno" with a "+", the portnumber will +# be added to the IP number. The IP number of a port is used when the RADIUS +# server doesn't send an IP number, or if it tells us to use a dynamic ipno. +# +# Leave the netmask at 255.255.255.255, unless you really know what +# you're doing. +# +# This seemed a little confusing, but since I went with static IP numbers +# this was easy. I do not have "+" after my IP number because I directly +# assign the IP number to a MODEM at the end of this file. +# +# I modified the netmask to match that of my network. And I left MTU alone + +all.ipno 10.0.0.4 +all.netmask 255.255.255.0 +all.mtu 1500 + +# +# Standard message that is issued on connect. +# +# No need to change this + +all.issue \n\ + +Cistron Internet Services \n\ + +POP Alphen aan den Rijn \n\ + +Welcome to terminal server %h port S%p\n + +# +# Login prompt. +# +# No Need to change this + +all.prompt Cistron login: + +# +# Terminal type, for rlogin/telnet sessions. +# +# No need to change this + +all.term vt100 + +# +# If you want portslave to update the utmp and/or wtmp files just +# like a regular getty/login, set these to 1. +# +# I set both of these to 1; you can do what you want here + +all.sysutmp 1 + +all.syswtmp 1 + + +## +## Options for the serial port. +## + +# +# Porttype (passed to Radius for logging). +# 0 = async, 1 = sync, 2 = ISDN, 3 = ISDN-V120, 4 = ISDN-V110 +# +# Use 0 if its a modem + +all.porttype 0 + +# +# Speed. All ports are set to 8N1. +# +# Set this to just beyond your max modem speed + +all.speed 115200 + +# +# Use this to initialize the modem. +# +# I had to make this AT&F to reset the modem to it's defaults +# each time ATZ did not work. If you are not familiar with scripting +# then some of this won't make sense to you. 
That's ok; I didn't get u +# it either until I played with it. + +all.initchat "" \d\dAT&F OK\r\n-AT&F-OK\r\n + +# +# You can use either waitfor or aa. +# +# No need to change this + +all.waitfor RING + +# +# Chat string to get the modem to connect after waitfor. +# +# The @ sign matches (.*)[\r\n] in regexp code, the match is logged +# to Radius as Connection-Info. +# +# No need to change this + +all.answer "" ATA CONNECT@ + +# +# Auto answer - if you set this to "1", the system will just wait for +# the DCD line to get high (this is not well tested). You won't get +# the connection info either. +# +# No need to change this + +all.aa 0 + +# +# You can use this chatstring to regulary check if the modem is still alive. +# +# NOT IMPLEMENTED YET. +# +# I don't know if this line works or not. Let me know if you find anything +# out about it. Just leave it the same and portslave will work. + +all.checktime 60 +all.checkchat "" AT OK\r\n + +# +# Flow control on this serial port: +# +# hard - hardware, rts/cts +# soft - software, CTRL-S / CTRL-Q +# none +# +# No need to change this + +all.flow hard + +# +# Use the DCD line or not (this sets CLOCAL if on). This means that the +# session will get hung up if the modem hangs up. Can be set to 0 or 1. +# +# No need to change this + +all.dcd 1 + +# +# PPP options - used if we autodetect a PPP session. +# +# Note that we set mru and mtu both to the MTU setting. +# +# Look at these lines close; this is what worked for me. +# These parameters are sent to the ppp daemon when it +# is called. I think the autoppp is called first then +# after you are authenticated I think the second ppp is +# called. 
I don't know for sure that this is how it worked, +# but it appears that way to me + +all.autoppp proxyarp modem asyncmap 0 %i: \ + +noipx noccp login auth +pap -chap \ + +mtu %t mru %t \ + +ms-dns 208.206.143.35 ms-dns 208.206.143.36 \ + +uselib /usr/lib/libpsr.so + + +# +# PPP options - User already authenticated and service type is PPP. +# + +all.pppopt proxyarp modem asyncmap 0 %i:%j \ + +noipx noccp \ + +mtu %t mru %t netmask %m idle %I \ + +ms-dns 208.206.143.35 ms-dns 208.206.143.36 \ + +uselib /usr/lib/libpsr.so + + +## +## Tty names are s0...s63. For every port we need to define a tty port, and +## an IP number for when radius tells us to pick one ourself. Unless you +## use the IP pool option mentioned above (IP number with "+" appended). +## +## Note that you can change _all_ of the above settings that start +## with all.xxxx on a per-port basis, such as issue, prompt etc. +## +## This is where you can set options to a specific modem. sX.tty is +## for portslaves use you assign it to a real tty device. +## In the /etc/inittab you will see the lines portlsave 0 or 1 etc.. +## this 0 or 1 is the tty device number portslave already knows it is +## "tty something" so all it requires is the last digits. +## +## Since my modem is on COM 4 (DOS) that means s3.tty is ttyS3 + +s3.tty ttyS3 + +# Now I can set options for that modem +# +# Here is it's IP number statically assigned + +s3.ipno 10.0.0.202 + +# Here is the protocol to use on that modem. PAY CLOSE ATTENTION HERE! +# This is the line that finally made portslave work perfectly for me. +# You must tie the ppp protocol to your modem. Simple huh? + +s3.protocol ppp + + + + + + +
+
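Review bot: The sample pslave.conf in "The Procedure" publishes a real-looking RADIUS shared secret, `all.secret superagentman`, right beside the author's own server names (`all.authhost1 cody.cpty.net`), and readers who copy the file verbatim will end up deploying a secret that is now public. Replace the value with an obvious placeholder (for example `all.secret CHANGE-ME`) and extend the comment above it to say the secret must be unique to each router and match only that router's entry in the RADIUS clients file. The same section links pslave1440.img as "a copy of my working disk", so confirm that image does not ship the same secret, and tell readers to change it along with the IP numbers and network card drivers. The annotation on `conf.locallogins 1` only says "Make this either 0 or 1"; it should state that 1 lets any login prefixed with '!' be checked locally instead of by RADIUS, so the router's local accounts need strong passwords or the option should be 0. Smaller points in the text: the abstract is repeated word for word as the third paragraph of the Introduction, "so you can to" should read "so you can too", and the comment above `all.initchat` is cut off at "I didn't get u".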