RE: ppp_mppe+pptp for 2.6.14?

From: Matt_Domsch
Date: Tue Aug 30 2005 - 08:38:02 EST

Next message: Jesper Juhl: "Re: [PATCH] isdn_v110 warning fix"
Previous message: Daniel Drake: "Re: Very strange Marvell/Yukon Gigabit NIC networking problems"
In reply to: James Cameron: "Re: ppp_mppe+pptp for 2.6.14?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

james.cameron@xxxxxx wrote:
> On Mon, Aug 29, 2005 at 05:10:34PM -0500, Matt Domsch wrote:
>> I've asked James Cameron, pptp project lead, to try a test to force
>> the server side to issue a CCP DOWN, to make sure the client-side
>> kernel ppp_generic module does the right thing and drops packets.
>
> I've tested this now with a host running kernel 2.6.13 with Matt's
> SC_MUST_COMP patch to the kernel and to ppp 2.4.4b1, sending SIGUSR2
> to the pppd while flooding the connection with pings from the server.
>
> The result is an LCP TermReq from the server to the client, after
> which no further data packets appear. All the data packets up to the
> LCP TermReq are encrypted. The client sends an LCP TermAck, then
> takes down the interface. There's sign of CCP down, in that a CCP
> ConfReq appears from the server just after the LCP TermReq.
>
> I'm not sure this is an adequate test, and will take advice on that.
>
> Test configuration;
>
> - server, 2.6.13 + SC_MUST_COMP, ppp 2.4.4b1 + SC_MUST_COMP, pptpd
> 1.3.1
> - client, 2.6.12.5 + SC_MUST_COMP, ppp 2.4.4b1 + SC_MUST_COMP, pptp
> 1.5.0
>
> Client side pppd log fragment;
>
> local IP address 10.8.0.2
> remote IP address 10.8.0.1
> Script /etc/ppp/ip-up started (pid 5036) Script /etc/ppp/ip-up
> finished (pid 5036), status = 0x0 rcvd [LCP TermReq id=0x2 "MPPE
> disabled"] LCP terminated by peer (MPPE disabled) Connect time 0.4
> minutes.
> Sent 262920 bytes, received 262920 bytes.
> Script /etc/ppp/ip-down started (pid 5048) sent [LCP TermAck id=0x2]
> rcvd [CCP ConfReq id=0x2 <mppe +H -M +S -L -D -C>] Discarded non-LCP
> packet when LCP not open Script /etc/ppp/ip-down finished (pid 5048),
> status = 0x0 Connection terminated.
> Modem hangup

This looks good. One more thing I would ask, please repeat with a
server that doesn't have the SC_MUST_COMP pppd patch. On SIGUSR2
the unmodified server should still send CCP DOWN to the client, which
should start dropping packets.

Thanks,
Matt

--
Matt Domsch
Software Architect
Dell Linux Solutions linux.dell.com & www.dell.com/linux
Linux on Dell mailing lists @ http://lists.us.dell.com
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jesper Juhl: "Re: [PATCH] isdn_v110 warning fix"
Previous message: Daniel Drake: "Re: Very strange Marvell/Yukon Gigabit NIC networking problems"
In reply to: James Cameron: "Re: ppp_mppe+pptp for 2.6.14?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]