JC Tsai | 2 Mar 04:57 2011
Picon

How to assign specified PPP interface?


Hi all,

If I didn't make any specified configuration, when the first PPTP client 
connects to pptpd server,
pppd will assign ppp0 to this PPTP client automatically, such as the message 
showed below:

# ifconfig ppp0
ppp0      Link encap:Point-to-Point Protocol
          inet addr:192.168.44.1  P-t-P:192.168.44.10  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1400  Metric:1
          RX packets:19 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:64
          RX bytes:1520 (1.4 KiB)  TX bytes:100 (100.0 B)

But I would like to assign the specified PPP interface starting from ppp3,
would you please tell me how to do this? no matter by configuration file,
or by re-modify the source code. Any help will be appreciated.

Best Regards,
JC Tsai 

------------------------------------------------------------------------------
Free Software Download: Index, Search & Analyze Logs and other IT data in 
Real-Time with Splunk. Collect, index and harness all the fast moving IT data 
generated by your applications, servers and devices whether physical, virtual
or in the cloud. Deliver compliance at lower cost and gain new business 
insights. http://p.sf.net/sfu/splunk-dev2dev 
(Continue reading)

JC Tsai | 1 Mar 15:43 2011
Picon

How to assign specified PPP interface?

 
Hi all,
 
Can anyone tell me how to assign specified PPP interface when pptpd calls pppd? For our case, we need to reserve ppp0 to ppp2 for other applications to use, so I have to assign PPP interface starting from ppp3 for pptpd. How to modify it? It the source code needs to be modified, would you please tell me which function or source file that I should investigate or trace? Any help will be appreciated.
 
Thanks,
JC Tsai
------------------------------------------------------------------------------
Free Software Download: Index, Search & Analyze Logs and other IT data in 
Real-Time with Splunk. Collect, index and harness all the fast moving IT data 
generated by your applications, servers and devices whether physical, virtual
or in the cloud. Deliver compliance at lower cost and gain new business 
insights. http://p.sf.net/sfu/splunk-dev2dev 
_______________________________________________
Poptop-server mailing list
Poptop-server <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/poptop-server
James Cameron | 2 Mar 22:30 2011

Re: How to assign specified PPP interface?

On Tue, Mar 01, 2011 at 10:43:02PM +0800, JC Tsai wrote:
> Can anyone tell me how to assign specified PPP interface when pptpd
> calls pppd?

The unit number is assigned by pppd, not by pptpd.

pppd can use the "unit" option.  Easiest place to put this is in the
options file that pppd is given.  Exactly where that is depends on your
distribution choice or how you build pptpd, but usually it is in
/etc/ppp and provided by the pptpd package as options.pptpd.

If the unit number is already in use, the next available is used
instead.

See "man pppd" and search for the unit option.

Another method to solve this is to direct the other applications, which
may create fewer interfaces, to use higher numbered units.

--

-- 
James Cameron
http://quozl.linux.org.au/

------------------------------------------------------------------------------
Free Software Download: Index, Search & Analyze Logs and other IT data in 
Real-Time with Splunk. Collect, index and harness all the fast moving IT data 
generated by your applications, servers and devices whether physical, virtual
or in the cloud. Deliver compliance at lower cost and gain new business 
insights. http://p.sf.net/sfu/splunk-dev2dev 
James Cameron | 2 Mar 22:30 2011

Re: How to assign specified PPP interface?

This appears to be the same question put another way.

--

-- 
James Cameron
http://quozl.linux.org.au/

------------------------------------------------------------------------------
Free Software Download: Index, Search & Analyze Logs and other IT data in 
Real-Time with Splunk. Collect, index and harness all the fast moving IT data 
generated by your applications, servers and devices whether physical, virtual
or in the cloud. Deliver compliance at lower cost and gain new business 
insights. http://p.sf.net/sfu/splunk-dev2dev 
JC Tsai | 3 Mar 14:09 2011
Picon

Re: How to assign specified PPP interface?


Hi,

I found it's wired if I use a global variable to pass the specified PPP 
interface number from pptp_manager to pptpctrl. The first time, it works and 
the PPP number will be set to the # I want(such as ppp6). However, at the 
second time, I can't pass 7 to pptpctrl, and it will use ppp0. Finally I use 
clientNumber to reach the result I want. Pesudo code is as follows:

In "static void connectCall(int clientSocket, int clientNumber)"

Everytime pptpctrl is fork, clientNumber will be unique and different,

        /* set up PPP interface number */
        NUM2ARRAY(ppp_num_str,clientNumber+6);
        ppp_num_digit = strlen(ppp_num_str);
        ppp_num_str[ppp_num_digit] = '\0';
        ctrl_argv[pptpctrl_argc++] = ppp_num_str;

        /* terminate argv array with a NULL */
        ctrl_argv[pptpctrl_argc] = NULL;
        pptpctrl_argc++;

Thus I can pass ppp_number (as the last pptpctrl option) to pptpctrl, when 
two clients connected, the result is as:

ppp6      Link encap:Point-to-Point Protocol
          inet addr:192.168.44.1  P-t-P:192.168.44.10  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1400  Metric:1
          RX packets:24 errors:2 dropped:0 overruns:0 frame:0
          TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:64
          RX bytes:2194 (2.1 KiB)  TX bytes:108 (108.0 B)

ppp7      Link encap:Point-to-Point Protocol
          inet addr:192.168.44.1  P-t-P:192.168.44.11  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1400  Metric:1
          RX packets:27 errors:2 dropped:0 overruns:0 frame:0
          TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:64
          RX bytes:2552 (2.4 KiB)  TX bytes:108 (108.0 B)

This is what I want. Thanks for your "unit information". However, I just 
wonder if the clientNumbers are sequential starting from 0 or not? Or it 
will be assigned randomly?

Regards,
JC Tsai

"James Cameron" <quozl <at> laptop.org> 
???????:20110302213028.GA3460 <at> us.netrek.org...
> On Tue, Mar 01, 2011 at 10:43:02PM +0800, JC Tsai wrote:
>> Can anyone tell me how to assign specified PPP interface when pptpd
>> calls pppd?
>
> The unit number is assigned by pppd, not by pptpd.
>
> pppd can use the "unit" option.  Easiest place to put this is in the
> options file that pppd is given.  Exactly where that is depends on your
> distribution choice or how you build pptpd, but usually it is in
> /etc/ppp and provided by the pptpd package as options.pptpd.
>
> If the unit number is already in use, the next available is used
> instead.
>
> See "man pppd" and search for the unit option.
>
> Another method to solve this is to direct the other applications, which
> may create fewer interfaces, to use higher numbered units.
>
> -- 
> James Cameron
> http://quozl.linux.org.au/
>
> ------------------------------------------------------------------------------
> Free Software Download: Index, Search & Analyze Logs and other IT data in
> Real-Time with Splunk. Collect, index and harness all the fast moving IT 
> data
> generated by your applications, servers and devices whether physical, 
> virtual
> or in the cloud. Deliver compliance at lower cost and gain new business
> insights. http://p.sf.net/sfu/splunk-dev2dev 

------------------------------------------------------------------------------
Free Software Download: Index, Search & Analyze Logs and other IT data in 
Real-Time with Splunk. Collect, index and harness all the fast moving IT data 
generated by your applications, servers and devices whether physical, virtual
or in the cloud. Deliver compliance at lower cost and gain new business 
insights. http://p.sf.net/sfu/splunk-dev2dev 
Sai Duan | 6 Mar 07:47 2011
Picon

Need help for iptables

Dear All:

I want to build a vpn server on one of my computer. Following is the details

Client Name : client
Client Tunnel Network Interface :       ppp0
Client Tunnel Network Interface Address :       10.255.255.200
Server Name :   server
Server Tunnel Network Interface :       ppp0
Server Tunnel Network Interface Address :       10.1.1.2
Server External Network Interface :     eth1
Server External Network Interface Address :     210.34.14.211
Target External Network Interface Address :     210.34.4.20

I have get the correct ip "10.255.255.200" from the vpn server and can ping server's ip "10.1.1.2". As said in the website
http://poptop.sourceforge.net/dox/redhat-howto.phtml
"Once you can ping from the client to the server using the IP address assigned within the tunnel, you know it works".
This means that I install vpn software successfully.

"You may need to configure your server to forward the packets further, but that's a routing problem that has nothing specific to do with pptpd"

However, I am not familiar with iptables. So I used the website
http://poptop.sourceforge.net/dox/diagnose-forwarding.phtml?cn=client&ctni=ppp0&ctnia=10.255.255.200&sn=server&stni=ppp0&stnia=10.1.1.2&seni=eth0&senia=210.34.14.211&tenia=210.34.4.20
to diagnose the rule of iptables

I have passed first four steps and failed in

Test 4

Can the server forward the requests to the target?

The suggestion from the website is

"The most common cause of failure for this test is iptables FORWARD rules."

How can I fix this problem?





Best regards.

Sai Duan
03/06/2011
------------------------------------------------------------------------------
What You Don't Know About Data Connectivity CAN Hurt You
This paper provides an overview of data connectivity, details
its effect on application quality, and explores various alternative
solutions. http://p.sf.net/sfu/progress-d2d
_______________________________________________
Poptop-server mailing list
Poptop-server <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/poptop-server
James Cameron | 6 Mar 23:54 2011

Re: Need help for iptables

On Sun, Mar 06, 2011 at 02:47:04PM +0800, Sai Duan wrote:
> Test 4
> Can the server forward the requests to the target?
> The suggestion from the website (James Cameron) is
> "The most common cause of failure for this test is iptables FORWARD rules."
> How can I fix this problem?

Examine the iptables rules on the server.  You may use iptables-save or
variations of the iptables --list command.

Understand the meaning and effect of each of the FORWARD rules.

Determine which of these rules might block the packets.

Research why the rules are currently in place on your server.

Remove the rules that block the packets, then repeat the test.

If there are no FORWARD rules, check all iptables rules and subject them
to the same analysis.

If there are no iptables rules at all, then I have no explanation.

Check also the validity of your input data to "Test 4" ... if the server
has more than one target side interface, not just eth0, then you may be
testing the wrong interface.  "Server External Network Interface :
eth0".  You might combine both "Test 3" and "Test 4", to confirm that
"ping" in "Test 3" is seen by the "tcpdump" in "Test 4".

--

-- 
James Cameron
http://quozl.linux.org.au/

------------------------------------------------------------------------------
What You Don't Know About Data Connectivity CAN Hurt You
This paper provides an overview of data connectivity, details
its effect on application quality, and explores various alternative
solutions. http://p.sf.net/sfu/progress-d2d
amir reza rahbaran | 14 Mar 08:03 2011
Picon

problem with https

when I use encryption with MPPE  at /etc/ppp/options.pptpd I couldn't see some web sites with https protocol especially yahoo.com. I wonder there is some one encounter this problem before?
my configuration in /etc/ppp/options.pptpd  is as follows:

lock
#uncomment when testing:
debug
name pptpd
proxyarp
asyncmap 0
+pap                   
+chap                 
+mschap            
+mschap-v2        
+mppe                
lcp-echo-failure 30
lcp-echo-interval 5
ipcp-accept-local
ipcp-accept-remote
ms-dns 4.2.2.4
ms-dns 4.2.2.1
plugin radius.so
plugin radattr.so
plugin radrealms.so

--
Ya Mahdi

------------------------------------------------------------------------------
Colocation vs. Managed Hosting
A question and answer guide to determining the best fit
for your organization - today and in the future.
http://p.sf.net/sfu/internap-sfd2d
_______________________________________________
Poptop-server mailing list
Poptop-server <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/poptop-server
James McDonald | 14 Mar 14:36 2011
Picon

Re: problem with https

On 14/03/11 18:03, amir reza rahbaran wrote:
when I use encryption with MPPE  at /etc/ppp/options.pptpd I couldn't see some web sites with https protocol especially yahoo.com. I wonder there is some one encounter this problem before?
my configuration in /etc/ppp/options.pptpd  is as follows:

lock
#uncomment when testing:
debug
name pptpd
proxyarp
asyncmap 0
+pap                   
+chap                 
+mschap            
+mschap-v2        
+mppe                
lcp-echo-failure 30
lcp-echo-interval 5
ipcp-accept-local
ipcp-accept-remote
ms-dns 4.2.2.4
ms-dns 4.2.2.1
plugin radius.so
plugin radattr.so
plugin radrealms.so

--
Ya Mahdi

Check  your MTU for the physical adaptor that the ppp0 on the server is running on you may need to reduce the MTU so you don't fragment packets. I had similar issues with some websites working and others not. Which was traced to MTU.




------------------------------------------------------------------------------
Colocation vs. Managed Hosting
A question and answer guide to determining the best fit
for your organization - today and in the future.
http://p.sf.net/sfu/internap-sfd2d
_______________________________________________
Poptop-server mailing list
Poptop-server <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/poptop-server
Charlie Brady | 14 Mar 16:00 2011

Re: problem with https


On Mon, 14 Mar 2011, James McDonald wrote:

> On 14/03/11 18:03, amir reza rahbaran wrote:

>> when I use encryption with MPPE at /etc/ppp/options.pptpd I couldn't 
>> see some web sites with https protocol especially
>> yahoo.com<http://yahoo.com>. I wonder there is some one encounter this
>> problem before?
...
> Check your MTU for the physical adaptor that the ppp0 on the server is
> running on you may need to reduce the MTU so you don't fragment packets.
> I had similar issues with some websites working and others not. Which
> was traced to MTU.

MTU is only indirectly the problem. The problem is inappropriate filtering 
of ICMP:

http://www.phildev.net/mss/mss-talk.pdf

---
Charlie

------------------------------------------------------------------------------
Colocation vs. Managed Hosting
A question and answer guide to determining the best fit
for your organization - today and in the future.
http://p.sf.net/sfu/internap-sfd2d

Gmane