mirror of https://github.com/tLDP/LDP
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook V3.1//EN">

<article>

<!-- Header -->

<artheader>
<title>PortSlave How-To using the Linux Router</title>

<author>
<firstname>Tom</firstname>
<surname>McKellips</surname>
<affiliation>
<address>
<email>tom@computechnology.com</email>
</address>
</affiliation>
</author>

<revhistory>
<revision>
<revnumber>v1.00</revnumber>
<date>8 October 2000</date>
</revision>
</revhistory>

<abstract>
<para>
I wrote this as a beginning for using Portslave with the
Linux router project. It seems that Portslave is a widely used
program with no documentation. Since I just dove into using
Portslave I am sure this document can be improved by others over
time. After several days of fighting Portslave, I figured out how
incredibly easy to use it really is.
</para>
</abstract>

</artheader>


<!-- Section1: intro -->

<sect1 id="intro">
<title>Introduction</title>

<para>
Share this with all; sell it to no one.
</para>

<para>
First, I just want to thank all the Linux programmers out there. Your
contributions have made a difference. I hope this small contribution
is useful to the Linux users out there.
</para>

<para>
I wrote this as a beginning for using Portslave with the
Linux router project. It seems that Portslave is a widely used
program with no documentation. Since I just dove into using Portslave
I am sure this document can be improved by others over time. After
several days of fighting Portslave I figured out how incredibly easy
to use it really is.
</para>

<para>
The trouble I ran into most of the time was PAP Authentication
failure. This was a really tough thing to work out (I thought). I also
had a few other errors, but if you follow this How To it should at
least get you started (or start you to the insane asylum).
</para>

<!-- Section2: copyright -->

<sect2 id="copyright">
<title>Copyright Information</title>

<para>
This document is copyrighted (c) 2000 Tom McKellips and is
distributed under the terms of the Linux Documentation Project
(LDP) license, stated below.
</para>

<para>
Unless otherwise stated, Linux HOWTO documents are
copyrighted by their respective authors. Linux HOWTO documents may
be reproduced and distributed in whole or in part, in any medium
physical or electronic, as long as this copyright notice is
retained on all copies. Commercial redistribution is allowed and
encouraged; however, the author would like to be notified of any
such distributions.
</para>

<para>
All translations, derivative works, or aggregate works
incorporating any Linux HOWTO documents must be covered under this
copyright notice. That is, you may not produce a derivative work
from a HOWTO and impose additional restrictions on its
distribution. Exceptions to these rules may be granted under
certain conditions; please contact the Linux HOWTO coordinator at
the address given below.
</para>

<para>
In short, we wish to promote dissemination of this
information through as many channels as possible. However, we do
wish to retain copyright on the HOWTO documents, and would like to
be notified of any plans to redistribute the HOWTOs.
</para>

<para>
If you have any questions, please contact
<email>linux-howto@metalab.unc.edu</email>
</para>
</sect2>

<!-- Section2: disclaimer -->

<sect2 id="disclaimer">
<title>Disclaimer</title>

<para>
No liability for the contents of this document can be accepted.
Use the concepts, examples and other content at your own risk.
As this is a new edition of this document, there may be errors
and inaccuracies, that may of course be damaging to your system.
Proceed with caution, and although this is highly unlikely,
the author does not take any responsibility for that.
</para>

<para>
All copyrights are held by their respective owners, unless
specifically noted otherwise. Use of a term in this document
should not be regarded as affecting the validity of any trademark
or service mark.
</para>

<para>
Naming of particular products or brands should not be seen
as endorsements.
</para>

<para>
You are strongly recommended to take a backup of your system
before major installation and backups at regular intervals.
</para>
</sect2>

</sect1>

<!-- Section1: intro: END -->


<!-- Section1: procedure -->

<sect1 id="procedure">
<title>The Procedure</title>


<para>
First, you need a running version of LRP - either build the disk yourself
or you can grab an image of mine at:
<ulink url="http://www.computechnology.com/pslave1440.img">
http://www.computechnology.com/pslave1440.img
</ulink>.
This is a copy of my
working disk and you can directly write an image of it to your disk.
It will get you started. All you will then have to do is change to
the appropriate IP numbers and network card drivers. I won't get into
building an LRP disk here because there seems to be fairly good
documentation on that subject available.
</para>

<para>
Assuming you have your disk built, and your computer running, here is
what we need to do to configure your disk.
</para>

<para>
First, <emphasis>DELETE</emphasis> (yes, I said
<emphasis>DELETE</emphasis>) all <filename>options.tty??</filename>
files, the options file, and pap-secrets files located
under <filename>/etc/ppp-radius</filename> and
<filename>/etc/ppp</filename>. If you have an <filename>/etc/ppp</filename>,
you probably installed <filename>ppp.lrp</filename>. Also
remove <filename>ppp.lrp</filename> from your disk and
<filename>/etc/ppp</filename> will go away.
</para>

<para>
Next, go to <filename>/etc/portslave</filename> and adjust the
<filename>pslave.conf</filename> file accordingly. I will now
take you through that file line-by-line. I don't know what all of it
means but I made it work so you can too.
</para>

<para>
<screen>
#
# pslave.conf Here is the sample server configuration file.
#
# Version: 1.17 03-Nov-1998
#

#
# Hostname of the system.
#
# This is my router's name. Your router's name will be different.

conf.hostname hma2.cpty.net

#
# IP address - if left empty, uses the IP address of the system (hostname).
#
# This is used as the "local" address for SLIP and PPP connections.
# This is my router's IP address; yours will be different. Use your router's
# IP number here.

conf.ipno 10.0.0.4

#
# Lock directory - on FSSTND compliant systems it's /var/lock.
#
# No need to change this

conf.lockdir /var/lock

#
# Where to find the rlogin binary that accepts the "-i" flag.
#
# No need to change this

conf.rlogin /usr/bin/rlogin-radius

#
# Where to find our patched pppd that has radius linked in.
#
# No need to change this

conf.pppd /usr/sbin/pppd-radius

#
# Where to find telnet. This can just be the system telnet.
#
# This can stay or go

conf.telnet /usr/bin/telnet

#
# If you set this to "1", you can always login locally by putting a '!'
# before your loginname. Useful for emergencies when the RADIUS server is down.
# Make this either 0 or 1 as mentioned above

conf.locallogins 1

#
# Logging stuff - this program can use a remote syslog daemon if needed.
#
# If you want to log locally leave the "syslog" field empty. The facility
# field is an integer between 0 and 7 and sets the syslog facility to
# local0-local7.
#
# For now I log local to my router; that is why I do not have anything
# after syslog

conf.syslog

conf.facility 6

#
# Stripnames - if you set this to "1", leading "P", "S", "C", "L" or "!"
# characters and trailing ".slip", ".cslip" and ".ppp" strings will be
# stripped from the username before it is recorded in the system
# utmp and wtmp files (if sysutmp or syswtmp are turned on of course)
#
# No need to change this

conf.stripnames 0


##
## The all entry is used as a template for all others. This means that
## setting all.debug to 0, you set s0.debug, s1.debug, s2.debug etc.
## to 0. It also means that all these settings can be overridden on a
## per-port basis below.
##
## The "all." stuff is the default for everything unless you specifically
## override it. I'll show you that at the end of this.


#
# Debugging output to syslog. Set to 0 or 1. "1" is pretty verbose.
# This can be 0 or 1. I like 1 because it gives lots of info

all.debug 1

#
# Authentication type - either "radius" or "none".
#
# Leave this as it is

all.authtype radius

#
# Authentication host and accounting host. We can have 2 of both. The
# first one is always tried three times before switching to the second one.
# They are alternately tried after that, up to maximum 10 times in total.
# Timeout is 5 seconds per query.
#
# These are the names of my RADIUS servers; name your RADIUS servers here

all.authhost1 cody.cpty.net
all.accthost1 cody.cpty.net

#all.authhost2 backuphost.someisp.com
#all.accthost2 backuphost.someisp.com

#
#
# The shared secret for RADIUS.
#
# Put your shared secret here; this must match the shared secret in
# your RADIUS server's clients file for the IP number or name of this router.

all.secret superagentman

#
# Default protocol and host. This is for rlogin sessions.
#
# Just change the all.host to the IP number of your router; this should
# match what you have at the top of this file

all.protocol rlogin
all.host 10.0.0.4

#
# Default IP stuff. If you end the "ipno" with a "+", the portnumber will
# be added to the IP number. The IP number of a port is used when the RADIUS
# server doesn't send an IP number, or if it tells us to use a dynamic ipno.
#
# Leave the netmask at 255.255.255.255, unless you really know what
# you're doing.
#
# This seemed a little confusing, but since I went with static IP numbers
# this was easy. I do not have "+" after my IP number because I directly
# assign the IP number to a MODEM at the end of this file.
#
# I modified the netmask to match that of my network. And I left MTU alone

all.ipno 10.0.0.4
all.netmask 255.255.255.0
all.mtu 1500

#
# Standard message that is issued on connect.
#
# No need to change this

all.issue \n\

Cistron Internet Services \n\

POP Alphen aan den Rijn \n\

Welcome to terminal server %h port S%p\n

#
# Login prompt.
#
# No Need to change this

all.prompt Cistron login:

#
# Terminal type, for rlogin/telnet sessions.
#
# No need to change this

all.term vt100

#
# If you want portslave to update the utmp and/or wtmp files just
# like a regular getty/login, set these to 1.
#
# I set both of these to 1; you can do what you want here

all.sysutmp 1

all.syswtmp 1


##
## Options for the serial port.
##

#
# Porttype (passed to Radius for logging).
# 0 = async, 1 = sync, 2 = ISDN, 3 = ISDN-V120, 4 = ISDN-V110
#
# Use 0 if it's a modem

all.porttype 0

#
# Speed. All ports are set to 8N1.
#
# Set this to just beyond your max modem speed

all.speed 115200

#
# Use this to initialize the modem.
#
# I had to make this AT&F to reset the modem to its defaults
# each time; ATZ did not work. If you are not familiar with scripting
# then some of this won't make sense to you. That's ok; I didn't get
# it either until I played with it.

all.initchat "" \d\dAT&F OK\r\n-AT&F-OK\r\n

#
# You can use either waitfor or aa.
#
# No need to change this

all.waitfor RING

#
# Chat string to get the modem to connect after waitfor.
#
# The @ sign matches (.*)[\r\n] in regexp code, the match is logged
# to Radius as Connection-Info.
#
# No need to change this

all.answer "" ATA CONNECT@

#
# Auto answer - if you set this to "1", the system will just wait for
# the DCD line to get high (this is not well tested). You won't get
# the connection info either.
#
# No need to change this

all.aa 0

#
# You can use this chatstring to regularly check if the modem is still alive.
#
# NOT IMPLEMENTED YET.
#
# I don't know if this line works or not. Let me know if you find anything
# out about it. Just leave it the same and portslave will work.

all.checktime 60
all.checkchat "" AT OK\r\n

#
# Flow control on this serial port:
#
# hard - hardware, rts/cts
# soft - software, CTRL-S / CTRL-Q
# none
#
# No need to change this

all.flow hard

#
# Use the DCD line or not (this sets CLOCAL if on). This means that the
# session will get hung up if the modem hangs up. Can be set to 0 or 1.
#
# No need to change this

all.dcd 1

#
# PPP options - used if we autodetect a PPP session.
#
# Note that we set mru and mtu both to the MTU setting.
#
# Look at these lines closely; this is what worked for me.
# These parameters are sent to the ppp daemon when it
# is called. I think the autoppp is called first then
# after you are authenticated I think the second ppp is
# called. I don't know for sure that this is how it worked,
# but it appears that way to me

all.autoppp proxyarp modem asyncmap 0 %i: \

noipx noccp login auth +pap -chap \

mtu %t mru %t \

ms-dns 208.206.143.35 ms-dns 208.206.143.36 \

uselib /usr/lib/libpsr.so


#
# PPP options - User already authenticated and service type is PPP.
#

all.pppopt proxyarp modem asyncmap 0 %i:%j \

noipx noccp \

mtu %t mru %t netmask %m idle %I \

ms-dns 208.206.143.35 ms-dns 208.206.143.36 \

uselib /usr/lib/libpsr.so


##
## Tty names are s0...s63. For every port we need to define a tty port, and
## an IP number for when radius tells us to pick one ourself. Unless you
## use the IP pool option mentioned above (IP number with "+" appended).
##
## Note that you can change _all_ of the above settings that start
## with all.xxxx on a per-port basis, such as issue, prompt etc.
##
## This is where you can set options to a specific modem. sX.tty is
## for portslave's use; you assign it to a real tty device.
## In the /etc/inittab you will see the lines portslave 0 or 1 etc.
## This 0 or 1 is the tty device number; portslave already knows it is
## "tty something" so all it requires is the last digits.
##
## Since my modem is on COM 4 (DOS) that means s3.tty is ttyS3

s3.tty ttyS3

# Now I can set options for that modem
#
# Here is its IP number statically assigned

s3.ipno 10.0.0.202

# Here is the protocol to use on that modem. PAY CLOSE ATTENTION HERE!
# This is the line that finally made portslave work perfectly for me.
# You must tie the ppp protocol to your modem. Simple huh?

s3.protocol ppp

</screen>
</para>
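
<para>
The following is an added example, not part of the original HOWTO or of
portslave itself. It parses a pslave.conf, resolves the all.* template
against the per-port sN.* overrides described in the file's comments, and
flags settings that weaken dial-in authentication. The finding names, the
minimum secret length, the treatment of telnet as a protocol value and the
sample input are assumptions made for illustration.
</para>

```python
import re

# Assumptions of this added example, not portslave behaviour:
HOWTO_SECRET = "superagentman"   # sample secret printed in this HOWTO
MIN_SECRET_LEN = 16              # assumed minimum length for a shared secret

# Constructed input in pslave.conf syntax (not a real site's configuration).
SAMPLE = r"""
conf.locallogins 1
all.authtype radius
all.secret superagentman
all.protocol rlogin
all.autoppp proxyarp modem asyncmap 0 %i: \
    noipx noccp login auth +pap -chap
s3.tty ttyS3
s3.protocol ppp
s4.tty ttyS4
s4.authtype none
"""

def parse(text):
    """Return {scope: {key: value}}, joining backslash-continued lines."""
    scopes, pending = {}, ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.endswith("\\"):
            pending += line[:-1] + " "
            continue
        name, *rest = (pending + line).split(None, 1)
        pending = ""
        scope, _, key = name.partition(".")
        scopes.setdefault(scope, {})[key] = rest[0] if rest else ""
    return scopes

def audit(text):
    """Return sorted (scope, finding) pairs; every sN port inherits all.* first."""
    scopes, found = parse(text), []
    if scopes.get("conf", {}).get("locallogins") == "1":
        found.append(("conf", "local-logins-bypass-radius"))
    for port in (s for s in scopes if re.fullmatch(r"s\d+", s)):
        eff = {**scopes.get("all", {}), **scopes[port]}  # per-port value wins
        secret = eff.get("secret", "")
        if eff.get("authtype") == "none":
            found.append((port, "no-authentication"))
        elif secret == HOWTO_SECRET or MIN_SECRET_LEN > len(secret):
            found.append((port, "sample-or-short-secret"))
        if eff.get("protocol") in ("rlogin", "telnet"):  # unencrypted sessions
            found.append((port, "cleartext-session"))
        if "+pap" in eff.get("autoppp", "").split():     # PAP sends the password in clear
            found.append((port, "pap-cleartext-password"))
    return sorted(found)
```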

</sect1>

</article>