File: ali.html

package info (click to toggle)
lg-issue36 2-4
  • links: PTS
  • area: main
  • in suites: woody
  • size: 2,920 kB
  • ctags: 242
  • sloc: makefile: 36; sh: 4
file content (347 lines) | stat: -rw-r--r-- 13,346 bytes parent folder | download | duplicates (2)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
<!--startcut ==========================================================-->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<title>SETTING UP A PPP/POP DIAL-IN SERVER LG #36</title>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#A000A0"
ALINK="#FF0000">
<!--endcut ============================================================-->

<H4>
"Linux Gazette...<I>making Linux just a little more fun!</I>"
</H4>

<P> <HR> <P> 
<!--===================================================================-->

<center>
<H1><font color="maroon">Setting Up a PPP/POP Dial-in Server USING Red Hat Linux 5.1</font></H1>
<H4>By <a href="mailto:hassan@glcom.com">Hassan Ali</a></H4>
</center>
<P> <HR> <P>  
DISCLAIMER:
<P>
This worked for me. Your mileage may vary!
<P>
OBJECTIVES:<BR> 
To install PPP and POP/IMAP services on a Red Hat Linux 5.1 server for
dial-in users.
<P>
TOOLS: <BR> 
Red Hat Linux 5.1 CDs
<P>
ASSUMPTIONS:<BR> 
You have a PC with basic installation of Red Hat Linux 5.1 with
a Linux kernel that supports IP forwarding.
<P><HR> <P> 
STEP 1: Install "mgetty" (if not yet installed) from Red Hat 5.1 CD #1<BR> 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
<ol>
<li>Login as "root", insert Red Hat 5.1 CD #1 in the CD-ROM drive and
     mount it using the command:
<pre>
     # mount -t iso9660 /dev/hdb /mnt/cdrom
</pre>
     (It is assumed that your CD-ROM drive is device /dev/hdb, if not
     change it accordingly)
<li>Get to the RPMS directory:
<pre>
     # cd /mnt/cdrom/RedHat/RPMS
</pre>
<li>Install "mgetty" rpm files:
<pre>
     # rpm -Uvh mgetty*
</pre>
     This will install mgetty and all its cousins, but who cares!! If you
     hate extended family, have your way and replace "mgetty*" with
     "mgetty-1.1.14-2.i386.rpm". 

<li>At the end of /etc/mgetty+sendfax/mgetty.config file, add the
     following set of three lines for each serial port connected to a modem
     for dial-in users. Here is an example for /dev/ttyS1 and /dev/ttyC15:
<pre>
     # For US Robotics Sportster 28.8 with speaker off
     port ttyS1
     init-chat "" ATZ OK AT&F1M0E1Q0S0=0 OK
     answer-chat "" ATA CONNECT \c \r

     # For Practical Peripheral 14.4 with fax disabled and prolonged
     # carrier wait time (90 sec)
     port ttyC15
     init-chat "" ATZ OK AT&F1M0E1Q0S0=0S7=90+FCLASS=0 OK
     answer-chat "" ATA CONNECT \c \r
</pre>
Notes:
<ol>
   <li>AT&F1 sets hardware flow-control mode on many modems. For other
         modems use appropriate initializations in the init-chat line.
         <li>Just in case you wonder why I took as an example a ttyC15
	 port; well, you may have such a port if you have a multiport
	 serial card. If you need one, I recommend Cyclades cards.
</ol>
<li>In /etc/mgetty+sendfax/login.config file, search for the line that
     starts with /AutoPPP/. Make sure that it is not commented (i.e. there
     is no "#" at the beginning of the line), and edit it to be:
<pre>
     /AutoPPP/	-	a_ppp  	/etc/ppp/ppplogin
</pre>
     If you wish to have users' login names (rather than "a_ppp") to
     appear in the /var/run/utmp and /var/log/wtmp log files, then the
     above line should be:
<pre>
     /AutoPPP/	-	-	/etc/ppp/ppplogin
</pre>
<li>In /etc/inittab file, search for the section that runs "getty"
     processes and add at the end of that section one line of the
     following form for each modem port. Example here is given for ttyS1
     and ttyC15.
<pre>
     7:2345:respawn:/sbin/mgetty -x 3 ttyS1
     8:2345:respawn:/sbin/mgetty -x 3 ttyC15
</pre>
     [the first number (7,8) is arbitrary (in fact I have seen in some
     cases "s1", "s2", etc, used instead). Just give a different number
     for each port. And why not you go by the order!!? Me wonders!]

<li> Connect the modems to the serial ports, switch them ON and then
     initialize "mgetty" with the command:
<pre>
     # init q
</pre>
     NOTE: If you spawn "mgetty" on a serial port with no modem
     connected to it, or the modem is not switched ON, you'll get
     lots of error messages in "/var/log/messages" or/and in the other
     mgetty ("/var/log/log_mg.ttyXX") log files. In fact those
     error messages may continuosly pop up on your screen. Quite
     annoying, eh? To avoid this annoyance, each serial port that has no 
     modem connected to it should have its corresponding lines
     commented out in /etc/inittab and in 
     /etc/mgetty+sendfax/mgetty.config files.
</ol>
<P><HR> <P> 
STEP 2: Install PPP (if not installed) from Red Hat 5.1 CD #1<BR> 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
<ol>
<li> If the Red Hat CD #1 is properly mounted (see STEP 1.1), to
     install PPP type the following command:
<pre>
 # rpm -Uvh /mnt/cdrom/RedHat/RPMS/ppp*
</pre>
<li>Edit /etc/ppp/options files to read as follows:
<pre>
     -detach
     crtscts
     netmask 255.255.255.0
     asyncmap 0
     modem
     proxyarp
</pre>
     NOTES: 
<ol>
<li>Use appropriate netmask for your network. It doesn't have to
           be 255.255.255.0, in fact in my case it was 255.255.255.224
           <li>Read man pages for "pppd" to understand those options.
</ol>
<li>Edit /etc/ppp/ppplogin file (create it if it doesn't exist) to read as
     follows:
<pre>
     #!/bin/sh
     mesg n
     stty -echo
     /usr/sbin/pppd silent auth -chap +pap login
</pre>
     Make the file executable using command:
<pre>
     # chmod +x /etc/ppp/ppplogin
</pre>
     NOTE: We're going to use PAP authentication BUT using the ordinary
           /etc/passwd password file. That's what "+pap login" means.

<li> For each serial port connected to a modem, create a corresponding
     /etc/ppp/options.ttyXX file, where "XX" is "S1" for ttyS1 port,
     "S2" for ttyS2 port, "C15" for ttyC15, etc. In one such file put
     the following line:
<pre>
     myhost:ppp01
</pre>
     
     where "myhost" is the hostname of the PPP server - change it
     accordingly to the actual hostname of your Linux box. If you're
     more forgetful than you can REMEMBER to admit, remind yourself of
     the hostname of your server using the "hostname" command.
<pre>
     # hostname
</pre>
     The word "ppp01" used above is just an arbitrarily chosen name for
     the virtual host associated with one of the PPP dial-in lines and
     its corresponding IP address as defined in /etc/hosts file (to be
     discussed later). 
     In another /etc/ppp/options.ttyXX file, you may wish to type in the
     following line:
<pre>
     myhost:ppp02
</pre>
     That is, here you define a different PPP hostname, "ppp02". Use
     a different hostname for each serial port. You can choose any names
     that your lil' old heart desires! They don't have to be ppp01,
     ppp02, ppp03, etc. They can be "junkie", "newbie", "noname",
     whatever!

<li>Edit /etc/ppp/pap-secrets file and add one line as shown below for
     each IP address that is to be dynamically assigned to PPP dial-in
     users. This, of course, assumes that you have a pool of IP
     addresses that you can assign to your dial-in clients:
<pre>
     # Secrets for authentication using PAP
     # client	server		secret		IP addresses
     *		*		""		10.0.0.3
     *		*		""		10.0.0.4
</pre>
    
     This says: no PAP secrets (passwords) set for any client from
     anywhere in the world with the shown IP address. We don't need to
     use PAP secrets if we will be using /etc/passwd instead. If
     you are REALLY not paranoid, you can have just one following line 
     that will serve all the IP addresses (yours and your
     neighbour's!):
<pre>
     # Secrets for authentication using PAP
     # client	server		secret		IP addresses
     *		*		""		*	
</pre>
<li>Make /usr/sbin/pppd program setuid "root" by using command:
<pre>
     # chmod u+s /usr/sbin/pppd
</pre>
<li>Edit /etc/hosts file to assign IP addresses to all PPP hostnames
     you used in STEP 2.4. Use the pool of IP addresses used in STEP
     2.5:
<pre>
     10.0.0.3	ppp01	ppp01.mydomain.com
     10.0.0.4	ppp02	ppp02.mydomain.com
</pre>
     NOTE: Replace "mydomain.com" with the actual domain name of your PPP
     server. Just in case you're confused, I assume your PPP server is
     "myhost.mydomain.com".
</ol>
<P><HR> <P> 
STEP 3: Install POP/IMAP servers (if not installed) from Red Hat 5.1 CD #1<BR> 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
<ol>
<li>With the Red Hat CD #1 properly mounted, issue the following
     command to install POP and IMAP:
<pre>
     # rpm -Uvh /mnt/cdrom/RedHat/RPMS/imap*
</pre>
<li>Check /etc/inetd.conf file to see if "pop-2", "pop-3", and "imap"
     service lines are all uncommented. If not, uncomment them (i.e
     remove the leading "#"). If you only want to support POP3
     clients, just uncomment the "pop-3" line. If POP2 and POP3
     files are not in the "imap*" RPM file, try to see if you have
     "ipop*" RPM file and use it instead.

<li>Activate the new services by using command:
<pre>
     # kill -HUP `cat /var/run/inetd.pid`
</pre>
</ol>
<P> <HR> <P> 
STEP 4: Enable IP fowarding <BR> 
~~~~~~~~~~~~~~~~~~~~~~~~~~~
<ol>
<li>If you use the already compiled Linux kernel that comes with
     Red Hat 5.1, it does normally have support for IP forwarding. If you
     compile your own Linux kernel, you have to enable "IP:
     forwarding/gatewaying" networking option during compilation. 
     
     For RFC compliance, the default bootup process does not enable
     IP forwarding.  Enable IP forwarding by setting it to "yes" in
     /etc/sysconfig/network file, like so:
<pre>
     FORWARD_IPV4=yes
</pre>
<li>Activate IP forwarding by using command:
<pre>
     # echo "1" > /proc/net/ip_forward
</pre>
     or by rebooting the system.
</ol>
<P><HR> <P> 
STEP 5: Test the server<BR> 
~~~~~~~~~~~~~~~~~~~~~~~
<ol>
<li>First create users (if not ready). You can give them
     "/home/username" home directory and "/bin/bash" login shell if you 
     want them to have both "PPP" and shell access. Give them
     "/home/username" home directory and "/etc/ppp/ppplogin" login program if
     you want them to have PPP access but not shell access. It's better
     to use "usercfg" tool to set-up new users.
     Typical /etc/passwd file entries may be as follows:
<pre>
     jodoe:tdgsHjBn/hkg.:509:509:John Doe:/home/jodoe:/bin/bash
     jadoe:t8j/MonJd9kxy:510:510:Jane Doe:/home/jadoe:/etc/ppp/ppplogin
</pre>
     In this example, John Doe will have both PPP and shell access,
     while Jane Doe will only have PPP access. If you have just started
     to wonder how John Doe may have PPP access, the answer lies with
     the /AutoPPP/ configuration in "mgetty" - it does the magic. Any 
     user that will dial in and talk PPP, mgetty will give him/her the 
     /etc/ppp/ppplogin program. 
 <P>     
     So, if John Doe dials-in using Windows 95 dial-up adaptor
     which is set up to make a PPP connection, mgetty will give John Doe
     PPP access. If he dials in with any other communication software
     e.g HyperTerminal, (with no PPP negotiation) he will be given the 
     normal login shell. This will never happen for Jane Doe. She will
     always be welcome by the "/etc/ppp/ppplogin" program. 
 <P>     
     In fact "mgetty" allows you to use the same modem lines for various
     protocols. For example, your UUCP clients (if you have any) may use
     the same modem lines as your PPP clients! Of course, you have to
     give your UUCP clients "/var/spool/uucppublic" home directory and
     "/usr/sbin/uucico" login program.

<li>Assuming you have a web server (Apache) already setup (it's a
     piece-a-cake to setup Apache), use a web browser, and a POP e-mail
     client (e.g Eudora) on a remote PC connected to a modem and a phone
     line. If it is a Windows 95/98 PC, setup the Dial-up Adaptor
     appropriately by specifying the IP address of the PPP server as the
     Gateway, use correct DNS IP address, and specify that the server
     will assign an IP address automatically. In the POP client (e.g
     Eudora), set SMTP and POP host as the IP address of the PPP/POP
     server.
<P>
     Now dial-up the server and wait for connection. Test out web
     browsing, and POP mail sending and receiving. If it doesn't work...
     something is wrong somewhere ;-) 
 </ol>    
<P><HR> <P> 
REFERENCES:
<P>
1. PPP-HOWTO
2. NET-3-HOWTO
3. "Using Linux", Bill Ball, published by Que (around 
   US$30 - highly recommended)
4. mgetty documentation
<P>

<!--===================================================================-->
<P> <hr> <P> 
<center><H5>Copyright &copy; 1999, Hassan O. Ali <BR> 
Published in Issue 36 of <i>Linux Gazette</i>, January 1999</H5></center>

<!--===================================================================-->
<P> <hr> <P> 
<A HREF="./lg_toc36.html"><IMG ALIGN=BOTTOM SRC="../gx/indexnew.gif" 
ALT="[ TABLE OF CONTENTS ]"></A>
<A HREF="../lg_frontpage.html"><IMG ALIGN=BOTTOM SRC="../gx/homenew.gif"
ALT="[ FRONT PAGE ]"></A>
<A HREF="./merlino.html"><IMG SRC="../gx/back2.gif"
ALT=" Back "></A>
<A HREF="./bennetjan.html"><IMG SRC="../gx/fwd.gif" ALT=" Next "></A>
<P> <hr> <P> 
<!--startcut ==========================================================-->
</BODY>
</HTML>
<!--endcut ============================================================-->