Re: [2.1.35] PPP device increments after HUP

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Jeffrey Wiegley: "What causes dropped packets on eth0?"
• Previous message: Steffen Grunewald: "Re: procfs problems"

> although PPP devices are traditionally short-lived and number independant,
> with static, dedicated connections there should be some rhyme and reason
> to device number allocation. When we ifconfig an ethernet device, it darn
> well matters whether we're talking about eth0 or eth1 (especially with
> firewalls!!). I don't see why PPP devices shouldn't enjoy the same
> consistancy. To go a step further, perhaps pppd should be able to be
> given a device number to assign at startup. That way, PPP connections
> can be relied upon to have set device orders even when started out of
> sequence (think of a PPP firewall with dynamic IP's on each end. Contrived,
> I know, but valid nonetheless). =]

Valid example. Or would you trust your dialup users? Not even when they're
stuck in concrete upto the throat ;-)

You should put all the stuff that is dependand of the assigned interface
into the scripts /etc/ppp/ip-up and /etc/ppp/ip-down. From the man page:

ipparam string
Provides an extra parameter to the ip-up and ip-
down scripts. If this option is given, the string
supplied is given as the 6th parameter to those
scripts.

[...]

/etc/ppp/ip-up
A program or script which is executed when the link
is available for sending and receiving IP packets
(that is, IPCP has come up). It is executed with
the parameters

interface-name tty-device speed local-IP-address
===> ^^^^^^^^^^^^^^
remote-IP-address

and with its standard input, output and error
streams redirected to /dev/null.

This program or script is executed with the same
real and effective user-ID as pppd, that is, at
least the effective user-ID and possibly the real
user-ID will be root. This is so that it can be
used to manipulate routes, run privileged daemons
(e.g. sendmail), etc. Be careful that the con-
tents of the /etc/ppp/ip-up and /etc/ppp/ip-down
scripts do not compromise your system's security.

/etc/ppp/ip-down
A program or script which is executed when the link
is no longer available for sending and receiving IP
packets. This script can be used for undoing the
effects of the /etc/ppp/ip-up script. It is
invoked with the same parameters as the ip-up
script, and the same security considerations apply,
since it is executed with the same effective and
real user-IDs as pppd.

No kernel magic involved ...

Ralf

• Next message: Jeffrey Wiegley: "What causes dropped packets on eth0?"
• Previous message: Steffen Grunewald: "Re: procfs problems"