[lug] ppp and eth0
Chuck Morrison
cmorrison at greeleynet.com
Wed Apr 28 17:51:45 MDT 2004
Gary,
NOAA has a security policy that states that you can't be connected to
NOAA via PPP and also be connected to another network. It isn't so much
a matter of not being able to do it technically, but conforming to the
security regs. The student is correct, from a policy standpoint.
I would guess that you could talk with the security folks to see what
you can do about this particular case if you need to be on the lan all
the time.
Chuck Morrison
Gary Hodges wrote:
> rm at fabula.de wrote:
>
>> On Wed, Apr 28, 2004 at 09:28:54AM -0600, Gary Hodges wrote:
>>
>>
>>> Do I need to bring eth0 down when making a ppp connection? I've had
>>> a student working on a task for me and he believes that eth0 needs to
>>> be brought down before the ppp connection is established. This
>>> doesn't make sense to me, but it wouldn't be the first time he proved
>>> me wrong.
>>>
>>> Gray
>>>
> ^^^^^
> That would be "Gary," but Gray sounds like a decent nickname....
>
>>> I might be able to help more if you can provide a bit more information.
>>>
>
> Thanks for the offer. My configuration is an isolated machine connected
> to an instrument with CAT5 cable, and a modem on /dev/ttyS1 with ppp
> used to connect to the internet when needed.
>
> eth0: (PC: 192.168.0.1) -> (Instrument: 192.168.0.2)
> ppp: Dials an ISP (NIST) to connect to the internet to upload data, set
> time, etc.
>
> I have to confess an almost total lack of knowledge with Linux and PPP.
> I've let another person deal with this totally and I'm now just sticking
> my nose in because some things don't make sense. My problem is that
> when PPP is active, I don't get data through eth0. Also, if I fail to
> connect with PPP than I'm left with no connection to my instrument. I
> actually just commented out the portions of the scripts that bring eth0
> down and it seemed to work, so maybe I'm fine now.
>
> Of course, I ship this computer to Mississippi tomorrow so everything
> has to be bullet proof today. :-) I'd like to have the simplest scripts
> to accomplish the task.
>
> The current scripts with my latest comments:
> --------------
> gwn-tsi:/home/tsi# more /etc/ppp/ppp-on
> #!/bin/sh
> #/sbin/ifconfig eth0 down
> cp /etc/ppp/options.bak /etc/ppp/options
> exec /usr/sbin/pppd /dev/ttyS1 57600
> ---------------
> gwn-tsi:/home/tsi# more /etc/ppp/ppp-off
> #!/bin/sh
> DEVICE=ppp0
> #
> # If the ppp0 pid file is present then the program is running. Stop it.
> if [ -r /var/run/$DEVICE.pid ]; then
> kill -INT `head -1 /var/run/$DEVICE.pid`
> #
> # If the kill did not work then there is no process running for this
> # pid. It may also mean that the lock file will be left. You may wish
> # to delete the lock file at the same time.
> if [ ! "$?" = "0" ]; then
> rm -f /var/run/$DEVICE.pid
> echo "ERROR: Removed stale pid file"
> exit 1
> fi
> #
> # Success. Let pppd clean up its own junk.
> echo "PPP link to $DEVICE terminated."
> /sbin/route delete default
> mv /etc/ppp/options /etc/ppp/options.bak
> #/sbin/ifconfig eth0 up
> #/sbin/route add -net 127.0.0.0 netmask 255.0.0.0 dev lo
> #/sbin/route add default gw 140.172.144.1
>
> exit 0
> fi
> #
> # The PPP process is not running for ppp0
> echo "ERROR: PPP link is not active on $DEVICE"
> exit 1
>
>
>
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
>
More information about the LUG
mailing list