headers
Grahame Jordan | 5 Sep 2004 14:59
Picon

ms-dns not working

I am running a ppp server and it seems that ms-dns does not work.
This may be since I have upgraded to Mandrake 10.0 using kernel
2.6.3-16mdkenterprise and I am using ppp-2.4.2-7mdk.

The options file is thus:
#/etc/ppp/options.ttyS1
debug
kdebug 7
ktune
nodetach
modem
crtscts
proxyarp
asyncmap 0
netmask 255.255.255.224
203.20.16.1:203.20.16.11
ms-dns 203.20.16.1
ms-dns 203.18.20.3

The logs shows something that may be of concern:
Couldn't set pass-filter in kernel:

Any help would be appreciated.

Thanks

Grahame Jordan

# Log output of session
Sep  5 22:07:30 ob1 pppd[10170]: pppd 2.4.2 started by root, uid 0
(Continue reading)

Permalink | Reply | 3 comments |
headers
Oleg Makarenko | 5 Sep 2004 20:23
Picon

Re: [pptp-devel] Re: [2/2]: ppp_mppe inclusion

Hi Matt

Matt Domsch wrote:

>On Mon, Aug 30, 2004 at 05:42:05PM -0500, Matt Domsch wrote:
>  
>
>>On Fri, Jul 30, 2004 at 11:33:09PM +0400, Oleg Makarenko wrote:
>>    
>>
>>>2.  For some reason you can not use non GFP_KERNEL memory and scatter 
>>>lists or at least mix them in crypto_digest().  That is why sha_pad is 
>>>now in struct state {}.
>>>      
>>>
>
>Can you describe what happens when you do?
>  
>

please try the attached patch for tcrypt.c to see what is going on 
yourself.  modrpobe the resulting module with mode=2 parameter to test 
sha1 and see how it fails the tests.

For mode=0 (or without any parameter) you should get kernel panic.

=oleg
Attachment (tcrypt.diff): text/x-patch, 610 bytes
(Continue reading)

Permalink | Reply | 0 comments |
headers
carlsonj | 5 Sep 2004 21:44

Re: ms-dns not working

Grahame Jordan writes:
> I am running a ppp server and it seems that ms-dns does not work.

I don't see what in the logs you've provided would lead to that
conclusion.

> kdebug 7

Don't use 'kdebug' unless you're hacking the kernel modules
themselves.

> netmask 255.255.255.224

'netmask' very likely doesn't do what you want here.

> 203.20.16.1:203.20.16.11

That looks like a proxy-ARP to me, but I see no "proxyarp" option.
Are you sure?

> ms-dns 203.20.16.1
> ms-dns 203.18.20.3

Those look ok.

> The logs shows something that may be of concern:
> Couldn't set pass-filter in kernel:

That's not at all related to MS-DNS.  It means that you've set up a
packet filter, but your kernel PPP modules aren't compiled to support
(Continue reading)

Permalink | Reply | 2 comments |
headers
Pasi Kärkkäinen | 6 Sep 2004 17:15
Picon
Picon
Favicon

Patch for ppp 2.4.2 to support dns/wins from radius

Hi!

http://nrg.joroinen.fi/ppp/ppp-2.4.2-radius-dns-wins-1.patch

I need to assign dns and wins addresses to ppp-client from radius-server, so
I did this small patch. The patch also seems to do some stupid
whitespace-changes, just ignore them :)

Configure your radius-server to assign these vendor-specific attributes:

MS-Primary-DNS-Server
MS-Secondary-DNS-Server
MS-Primary-NBNS-Server
MS-Secondary-NBNS-Server

If these attributes are not given by the radius server, the values from the
pppd config file will be used.

There might be some bugs left, but it worked ok in my little test. I'm not
very sure if I did everything correctly so feel free to comment..

-- Pasi Kärkkäinen

                                   ^
                                .     .
                                 Linux
                              /    -    \
                             Choice.of.the
                           .Next.Generation.
-
(Continue reading)

Permalink | Reply | 0 comments |
headers
Grahame Jordan | 7 Sep 2004 15:21
Picon

Re: ms-dns not working

Hi,

I added the DEBUG to the bit that does the DNS.  I do not get that DEBUG
in my logs. Hence it looks like it isn't being called.

pppd/ipcp.c

static int
setdnsaddr(argv)
    char **argv;
{
    u_int32_t dns;
    struct hostent *hp;
    warn("DEBUG: ipcp.c setdnsaddr");

    dns = inet_addr(*argv);

I have a Redhat9 box for dialup which is configured similarly which does
provide the ms-dns addresses.
However this Mandrake box with 2.6.x kernel is not setting the ms-dns on
the client.

What should I do to debug further?

Thanks

Grahame Jordan

> Grahame Jordan writes:
>> I am running a ppp server and it seems that ms-dns does not work.
(Continue reading)

Permalink | Reply | 1 comment |
headers
Clifford Kite | 7 Sep 2004 16:23
Favicon

Re: ms-dns not working

On Tue, 7 Sep 2004, Grahame Jordan wrote:

|I added the DEBUG to the bit that does the DNS.  I do not get that DEBUG
|in my logs. Hence it looks like it isn't being called.

|What should I do to debug further?

Recipe for a unified chat/pppd PPP debug log file:

  Add the line

  daemon.*;local2.*                              /var/log/ppp.log

  (may need Tab separators) to the /etc/syslog.conf file, and then do
  " killall -HUP syslogd " to make syslogd reread it.

Then start pppd again and all the messages should be in the file above.

---
Clifford Kite                                 http://ckite.no-ip.net

-
To unsubscribe from this list: send the line "unsubscribe linux-ppp" in
the body of a message to majordomo <at> vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Permalink | Reply | 0 comments |
headers
Neil Wilson | 10 Sep 2004 11:10
Picon
Favicon

pppd Filtering

Hi Guys,

I have been trying to solve a problem with a server staying online and not
disconnecting, because activity is keeping the link up.

The activity from the /var/log/messages is "IN=ppp0 OUT= MAC=
SRC=155.239.185.193 DST=155.239.198.170 LEN=48 TOS=0x00 PREC=0x00 TTL=123
ID=49468 DF PROTO=TCP SPT=1919 DPT=445 WINDOW=8760 RES=0x00 SYN URGP=0"

As far as I am aware this is activity cause by the Sasser worm trying to get
into my network, and it is getting blocked by the firewall.

I have tried using ppp filtering to stop these,with the line 'active-filter
"not port 445"' in the options.demand file, but this has made no difference.

I have also tried using different syntax's, including adding "inbound" or
"outbound", and I get the following error. "pppd: error in active-filter
expression: inbound/outbound not supported on linktype 0"

Please could someone help me in filtering this activity, so that my server
disconnects when it is supposed to.

I am running slackware 10, with ppp filtering compiled in the kernel by
default, and pppd has the filter option enable also by default.
My idle time is set to 120 in my options.demand file.

Many thanks in advance!

Neil Wilson
(Continue reading)

Permalink | Reply | 1 comment |
headers
Herbert Xu | 10 Sep 2004 13:10
Picon
Picon

Re: [IPCOMP] Use per-cpu buffers

On Thu, Sep 09, 2004 at 09:16:52AM -0700, David S. Miller wrote:
> 
> > With per-cpu buffers this goes down to 300K per CPU.
> 
> That amount of space just for decompression state is
> rediculious.

Actually most of that space is for compression.  The space for
decompression is only 32K if I read the zlib comment correctly.
However, due to the current crypto interface, you always have
to allocate both and you have to reserve a 64K buffer just in
case the packet is large.

There's gotta be a better way though.  What if the packet length
field was 32 bits? Surely we aren't going to allocate a 4G buffer :)

James, can you think of a general solution to the 64K buffer in
terms of the crypto decompression interface?

> A second thought is that we may not be the only part
> of the kernel interested in a per-cpu zlib scratch
> buffer, no?

There are two other users.  JFFS2 is already using one global copy
accessed through a semaphore.  Maybe we should move the IPCOMP
processing into process context as well since it's so slow.

PPP is the other user and allocates one for each device that requests
for deflate compression.
(Continue reading)

Permalink | Reply | 0 comments |
headers
p.boehm | 10 Sep 2004 14:46
Favicon

pppd don't create ppp-network-device

Hi,
I'm try to connect to the internet via ppp but it fails because (so I believe)
ppp_generic-module don't create an network-device alias ppp0.

To show that the rest works fine I'll put here the output of pppd/chat from
syslog:

Sep 10 09:55:46 nano pppd[1510]: pppd 2.4.1 started by root, uid 0
Sep 10 09:55:46 nano pppd[1510]: Perms of /dev/ttyS0 are ok, no 'mesg n' neccesary.
Sep 10 09:55:47 nano chat[1511]: abort on (NO CARRIER)
Sep 10 09:55:47 nano chat[1511]: abort on (NO DIALTONE)
Sep 10 09:55:47 nano chat[1511]: abort on (ERROR)
Sep 10 09:55:47 nano chat[1511]: abort on (NO ANSWER)
Sep 10 09:55:47 nano chat[1511]: abort on (Username/Password Incorrect)
Sep 10 09:55:47 nano chat[1511]: send (at^M)
Sep 10 09:55:47 nano chat[1511]: expect (OK)
Sep 10 09:55:48 nano chat[1511]: at^M^M
Sep 10 09:55:48 nano chat[1511]: OK
Sep 10 09:55:48 nano chat[1511]:  -- got it
Sep 10 09:55:48 nano chat[1511]: send (at&d0&c1^M)
Sep 10 09:55:48 nano chat[1511]: expect (OK)
Sep 10 09:55:48 nano chat[1511]: ^M
Sep 10 09:55:48 nano chat[1511]: at&d0&c1^M^M
Sep 10 09:55:48 nano chat[1511]: OK
Sep 10 09:55:48 nano chat[1511]:  -- got it
Sep 10 09:55:48 nano chat[1511]: send (atdt0172229000^M)
Sep 10 09:55:48 nano chat[1511]: expect (name:)
Sep 10 09:55:48 nano chat[1511]: ^M
Sep 10 09:56:02 nano chat[1511]: atdt0172229000^M^M
Sep 10 09:56:02 nano chat[1511]: CONNECT 9600/RLP^M
(Continue reading)

Permalink | Reply | 1 comment |
headers
James Morris | 10 Sep 2004 17:42
Picon
Favicon

Re: [IPCOMP] Use per-cpu buffers

On Fri, 10 Sep 2004, Herbert Xu wrote:

> James, can you think of a general solution to the 64K buffer in
> terms of the crypto decompression interface?

I haven't looked at the code for a while, but I think we might be able to 
save some memory by specifying compression parameters and making the 
appropriate changes to zlib.

- James
--

-- 
James Morris
<jmorris <at> redhat.com>

-
To unsubscribe from this list: send the line "unsubscribe linux-ppp" in
the body of a message to majordomo <at> vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Permalink | Reply | 0 comments |

Gmane