This document was born of frustration, as are many good technical tips pages. I was converting a system from RedHat 4.2 to 5.2 and in the process replacing darn near everything in the box. Some things that were configured identically in 4.2 and 5.2 simply failed to function on 5.2.
So, this document is my list of things I had to do to get the functionality I'd had previously, and have it work again. I hope this saves others from the frustrations I had. As with all of my tech tips pages, if you found this information useful, please drop me an email to let me know.
To make dialup work the way I want, there are a number of things I expect to have work. These are:
In this file, turn on IP Forwarding. Redhat's installation turned off forwarding (or never turned it on) because only a single LAN interface was detected. Since the PPP interface comes and goes based on dialup, it's harder to guess that should be on.
With RHL 4.2, the IP forwarding on/off question was a kernel configuration. I had turned it on long ago for other reasons. To turn it on in 5.2, change the line:
FORWARD_IPV4=falseto read
FORWARD_IPV4=trueand that takes care of that file. Rebooting the system will be required when you make that change.
The pap-secrets file seems to change from one release of PPP to the next. With an older release, the one on RHL 4.2, the 4th field had to be missing. With 5.2, it has to be there. Documentation and examples are lacking. Lines in this file should read either:
* dialin "" *to let every user in your passwd database log in (not recommended), or:
fred dialin "" * joe dialin "" *and so forth, with fred and joe being users in your passwd file. This effectively permits you to select which users will be allowed to dial in. The word "dialin" in the examples comes into play in the AutoPPP configuration. See the section on /etc/mgetty+sendfax/login.config for where this correlates.
RedHat ships mgetty compiled with AutoPPP included, fortunately. The config line in the login.config file is commented out by default. The line as shipped is:
#/AutoPPP/ - a_ppp /usr/sbin/pppd auth -chap +pap login kdebug 7 debugRemove the comment at the beginning of the line, add "name dialin" to the line, and remove the debugging items (once you're done debugging). You'll end up with:
/AutoPPP/ - a_ppp /usr/sbin/pppd auth -chap +pap login name dialupand that works. When a simple terminal emulator dials in, it'll get a login prompt. If a user dials in with Win95/98 dialup networking, or anything similar, PPP LCP packets are sprayed at the login prompt, and the autoPPP code figures this out and shifts into PPP mode.
The contents of this file, as shipped with RHL 5.2, seem problematic. This is the original content:
#%PAM-1.0 auth required pam_nologin.so auth required pam_pwdb.so shadow nullok account required pam_pwdb.so session required pam_pwdb.soTwo areas for concern show up. First, in every other PAM control file, RedHat has /lib/security prefixing the PAM module names. Second, this setup seems to require shadow passwords, which may or may not be in use at a given site. Making some changes, a working config might be:
#%PAM-1.0 auth required /lib/security/pam_nologin.so auth required /lib/security/pam_pwdb.so nullok account required /lib/security/pam_pwdb.so session required /lib/security/pam_pwdb.so
Your inittab needs to be modified to spawn an mgetty for any serial port which will have a modem attached. for example:
mod:2345:respawn:/sbin/mgetty -D -s 115200 ttyC0Replace the ttyC0 with whatever's appropriate for your system's serial ports.
I found the following items were needed in the PPP options file.
lock asyncmap 0 netmask 255.255.255.0 proxyarp crtscts modem
:192.168.1.200
If you found this information helpful and useful, please let me know. If you require further information or assistance in this area, this can be arranged. For consultation beyond simple questions, Amaranth Networks, Inc. can provide advice, services and information for a fee.