Daemon News 199903 : The Power to Serve YOU!

The Power to Serve YOU!

Copyright © 1999 Donald S. Wilde

One of BSD's great advantages is that it is built around the principle of networking computers together. Networking support is a major feature of BSD, and I'd like to help more of you be aware of some of the things you can do with it, even if you only have one computer.

This first installment (the next will be in 2 months) will cover the basics of connecting to your provider. I'm going to assume that you've found a FreeBSD-based provider, but many of the same tricks will work with any other UN*X ISP. Future issues will cover such things as using your internal Sendmail system as your mail server, putting your internal Apache server temporarily on the Internet for your friends to see, distributed slow-speed video conferencing (for free!), and distributed computing through your modem. Wow, am I getting ambitious! Several grains of salt, please <g>.

When a Windows or Mac user connects to the Internet, he's just acting as a terminal connected via the http and mail protocols. Many BSD users, unaware of their potential, do the same, connecting via a chat script and ppp and then loading Netscape. Since BSD is a fully network-aware operating system, you can do much much more.

First, the basics. I'm going to assume that you have your modem connected to the second serial port, /dev/cuaa1. All of the following scripts make use of the kernel-mode ppp code. Kernel ppp is more efficient, and I would recommend it if you are not going to be doing deep debugging work on your network connection. You must compile it into your kernel before you try to use it.

The following lines go in your kernel configuration file. On FreeBSD, which I use, it's in /usr/src/sys/i386/conf/YOURKERNEL. For more information on building an efficient kernel, see February's Answer man column in Daemon News, or Greg Lehey's book "The Complete FreeBSD", and Greg also has a good description of ppp setup in his book. The following setup is taken from his book almost verbatim.

pseudo-device ppp 1 options PPP_BSDCOMP options PPP_DEFLATE

Your provider may not be setup to accept the BSD compression options; in that case, the kernel ppp will issue a warning message to /var/log/messages, and then continue without compression.

The following scripts live in /etc/ppp, and they should only have permissions for root to execute or modify them. Since ppp is a kernel process, this is an understandable restriction. If this seems clumsy on your personal desktop, you can always use sudo or another setUID program to simplify the process.

Here is the master script. I call it 'ppp-dial-tnt', for my network provider, Thunder Network Technologies. TNT is a FreeBSD-based provider, which is going to make some of the things we're going to do in future parts of this series a lot easier.

#!/bin/sh pppd /dev/cuaa1 57600 connect \ 'chat -f /etc/ppp/dial.chat' \ user localusername

After the shell-select line, the next line activates the pppd daemon to connect using a modem on the second serial port. The 57600 refers to the speed to connect to the serial port across he bus, not to the modem speed, although it should be faster than your modems transmit speed. 115200 and 57600 are good values for today's fast Pentiums. The pppd daemon calls the chat program to actually handle the interaction of the call, based on the contents of another script file, /etc/ppp/dial.chat. The final option in the pppd activation line refers to your user name on the local machine, not your ISP. If you wish to use this script for manual activation of your PPP, it is recommended that you add the line:

tail -f /var/log/messages

Next, here is the dial.chat script. Note that this is not a shell script. The chat program has its own protocol, unique to itself.

ABORT BUSY ABORT 'NO CARRIER' TIMEOUT 5 '' ATZ OK ATDT9988000 TIMEOUT 40 CONNECT \c TIMEOUT 20 ogin:-\\r-ogin: Pispusername ssword: yourpassword

The first two lines tell chat to abort if the modem is not connected or encounters a busy signal. After setting the timeout value to a short interval, the next set of lines choreograph a series of 'expect-response' pairs. Their meaning is as follows:

1) Expect nothing, send a modem wakeup (ATZ).
2) Expect 'OK', send the modem dial string. Preface the number with '*70,' if you need to disable call waiting, or '9,' to get outside a pbx.
3) Set a longer timeout while dialing.
4) Expect 'CONNECT', send nothing (not even a line feed).
5) Shorten the timeout.
6) Expect the sequence 'ogin:'. It is not wise to seek the first character of a modem send string, as it may be garbled. The rest of that line sets us up for a second chance if a timeout occurs, then sends your user name.
7) The final line sends your ISP password in response to receiving an expect string of 'ssword:'.

In my experience, the chat script is the most likely place to need changes. In my provider's case, I had to add the 'P' in front of my user name and the '\c' to a script that had functioned perfectly with another ISP. See man chat for details. You can add debugging options '-V -e' to the chat command to encourage it to be more verbose with its error messages.

The other major configuration file is /etc/ppp/options. This file controls pppd itself, and, again, consult "The Complete FreeBSD" or man pppd. Unless you are paying for a static IP address, this file will not change except for your domain and user name.

default route crtscts modem noipdefault domain thuntek.net user Pispusername

Depending on your provider's security policies, you may also need files pap-secrets or chap-secrets in /etc/ppp. Your ISP will tell you if you need these authentication files. They both use the form:

ispusername * isp-password

Needless to say, since both have un-encrypted passwords, they should be owned by root and readable only by root.

Finally, here is 'ppp-hangup', whose purpose should be obvious.

#!/bin/sh ifconfig ppp0 down ifconfig ppp0 delete kill `ps -ag | egrep 'pppd' | awk '{print $1}'`

The ifconfig lines remove the ppp0 device from your net routing table gracefully. The reverse quotes on the kill line tell the system to execute the ps | grep | awk pipeline, which returns a list of all the PID's (process ID's) for running pppd processes. The kill command operates on that list. You may get an error message back from this; the pppd daemon will begin its shutdown upon receiving the first kill command, so later PID's may already be gone by the time the kill command goes to take care of them.

Now that we can connect to our ISP, what can we do? Well, of course, you can fire up Netscape Communicator or Chimera and surf the web. You can use any of the many mail agents included with BSD to check your e-mail on the ISP's server, and you can read news from Usenet. I'm not going to go into any details about these, because you're probably already aware of what you can do with all of these programs. I want to suggest some new and even more powerful things that you can also do, and that's what the future installments will be about. I'll just give you a teaser here...

One thing we can do is to install our dial up scripts into our crontab. What I've done here is to set it up so that the system dials my provider once a day at 10:45PM, and breaks the connection an hour and 5 minutes later. Be careful with this, you can annoy your provider by staying on too much without doing anything.

45 22 * * * root /etc/ppp/ppp-dial-tnt 50 23 * * * root /etc/ppp/ppp-hangup

When you're connected, you're on the Internet. You can prove it by issuing a 'ping WWW.FreeBSD.org' command. You can also do command-line FTP and telnets, etc. My experience is that a 33.6K baud line can easily handle three concurrent ftp's without choking, although they certainly run slower. If you look at /var/log/messages with the tail command, you'll see what your 'local' IP address is. Once you know that... but I'm giving it all away. See you next time.

	The Power to Serve YOU! Copyright © 1999 Donald S. Wilde One of BSD's great advantages is that it is built around the principle of networking computers together. Networking support is a major feature of BSD, and I'd like to help more of you be aware of some of the things you can do with it, even if you only have one computer. This first installment (the next will be in 2 months) will cover the basics of connecting to your provider. I'm going to assume that you've found a FreeBSD-based provider, but many of the same tricks will work with any other UNX ISP. Future issues will cover such things as using your internal Sendmail system as your mail server, putting your internal Apache server temporarily on the Internet for your friends to see, distributed slow-speed video conferencing (for free!), and distributed computing through your modem. Wow, am I getting ambitious! Several grains of salt, please <g>. When a Windows or Mac user connects to the Internet, he's just acting as a terminal connected via the http and mail protocols. Many BSD users, unaware of their potential, do the same, connecting via a chat script and ppp and then loading Netscape. Since BSD is a fully network-aware operating system, you can do much much more. First, the basics. I'm going to assume that you have your modem connected to the second serial port, /dev/cuaa1. All of the following scripts make use of the kernel-mode ppp code. Kernel ppp is more efficient, and I would recommend it if you are not going to be doing deep debugging work on your network connection. You must compile it into your kernel before you try to use it. The following lines go in your kernel configuration file. On FreeBSD, which I use, it's in /usr/src/sys/i386/conf/YOURKERNEL. For more information on building an efficient kernel, see February's Answer man column in Daemon News, or Greg Lehey's book "The Complete FreeBSD", and Greg also has a good description of ppp setup in his book. The following setup is taken from his book almost verbatim. `pseudo-device ppp 1 options PPP_BSDCOMP options PPP_DEFLATE` Your provider may not be setup to accept the BSD compression options; in that case, the kernel ppp will issue a warning message to /var/log/messages, and then continue without compression. The following scripts live in /etc/ppp, and they should only have permissions for root to execute or modify them. Since ppp is a kernel process, this is an understandable restriction. If this seems clumsy on your personal desktop, you can always use sudo or another setUID program to simplify the process. Here is the master script. I call it 'ppp-dial-tnt', for my network provider, Thunder Network Technologies. TNT is a FreeBSD-based provider, which is going to make some of the things we're going to do in future parts of this series a lot easier. `#!/bin/sh pppd /dev/cuaa1 57600 connect \ 'chat -f /etc/ppp/dial.chat' \ user localusername` After the shell-select line, the next line activates the pppd daemon to connect using a modem on the second serial port. The 57600 refers to the speed to connect to the serial port across he bus, not to the modem speed, although it should be faster than your modems transmit speed. 115200 and 57600 are good values for today's fast Pentiums. The pppd daemon calls the chat program to actually handle the interaction of the call, based on the contents of another script file, /etc/ppp/dial.chat. The final option in the pppd activation line refers to your user name on the local machine, not your ISP. If you wish to use this script for manual activation of your PPP, it is recommended that you add the line: `tail -f /var/log/messages` Next, here is the dial.chat script. Note that this is not a shell script. The chat program has its own protocol, unique to itself. `ABORT BUSY ABORT 'NO CARRIER' TIMEOUT 5 '' ATZ OK ATDT9988000 TIMEOUT 40 CONNECT \c TIMEOUT 20 ogin:-\\r-ogin: Pispusername ssword: yourpassword` The first two lines tell chat to abort if the modem is not connected or encounters a busy signal. After setting the timeout value to a short interval, the next set of lines choreograph a series of 'expect-response' pairs. Their meaning is as follows: 1) Expect nothing, send a modem wakeup (ATZ). 2) Expect 'OK', send the modem dial string. Preface the number with '70,' if you need to disable call waiting, or '9,' to get outside a pbx. 3) Set a longer timeout while dialing. 4) Expect 'CONNECT', send nothing (not even a line feed). 5) Shorten the timeout. 6) Expect the sequence 'ogin:'. It is not wise to seek the first character of a modem send string, as it may be garbled. The rest of that line sets us up for a second chance if a timeout occurs, then sends your user name. 7) The final line sends your ISP password in response to receiving an expect string of 'ssword:'. In my experience, the chat script is the most likely place to need changes. In my provider's case, I had to add the 'P' in front of my user name and the '\c' to a script that had functioned perfectly with another ISP. See man chat for details. You can add debugging options '-V -e' to the chat command to encourage it to be more verbose with its error messages. The other major configuration file is /etc/ppp/options. This file controls pppd itself, and, again, consult "The Complete FreeBSD" or man pppd. Unless you are paying for a static IP address, this file will not change except for your domain and user name. `default route crtscts modem noipdefault domain thuntek.net user Pispusername` Depending on your provider's security policies, you may also need files pap-secrets or chap-secrets in /etc/ppp. Your ISP will tell you if you need these authentication files. They both use the form: `ispusername * isp-password` Needless to say, since both have un-encrypted passwords, they should be owned by root and readable only by root. Finally, here is 'ppp-hangup', whose purpose should be obvious. #!/bin/sh ifconfig ppp0 down ifconfig ppp0 delete kill `ps -ag \| egrep 'pppd' \| awk '{print $1}'` The ifconfig lines remove the ppp0 device from your net routing table gracefully. The reverse quotes on the kill line tell the system to execute the ps \| grep \| awk pipeline, which returns a list of all the PID's (process ID's) for running pppd processes. The kill command operates on that list. You may get an error message back from this; the pppd daemon will begin its shutdown upon receiving the first kill command, so later PID's may already be gone by the time the kill command goes to take care of them. Now that we can connect to our ISP, what can we do? Well, of course, you can fire up Netscape Communicator or Chimera and surf the web. You can use any of the many mail agents included with BSD to check your e-mail on the ISP's server, and you can read news from Usenet. I'm not going to go into any details about these, because you're probably already aware of what you can do with all of these programs. I want to suggest some new and even more powerful things that you can also do, and that's what the future installments will be about. I'll just give you a teaser here... One thing we can do is to install our dial up scripts into our crontab. What I've done here is to set it up so that the system dials my provider once a day at 10:45PM, and breaks the connection an hour and 5 minutes later. Be careful with this, you can annoy your provider by staying on too much without doing anything. `45 22 * * * root /etc/ppp/ppp-dial-tnt 50 23 * * * root /etc/ppp/ppp-hangup` When you're connected, you're on the Internet. You can prove it by issuing a 'ping WWW.FreeBSD.org' command. You can also do command-line FTP and telnets, etc. My experience is that a 33.6K baud line can easily handle three concurrent ftp's without choking, although they certainly run slower. If you look at /var/log/messages with the tail command, you'll see what your 'local' IP address is. Once you know that... but I'm giving it all away. See you next time. Don Wilde, dwilde1@thuntek.net

The Power to Serve YOU!

Copyright © 1999 Donald S. Wilde

Don Wilde, dwilde1@thuntek.net