Date:      Mon, 06 Jul 1998 03:54:44 +0200
From:      Martin Blapp <blapp@attic.ch>
To:        freebsd-questions@FreeBSD.ORG, peter@FreeBSD.ORG
Subject:   Pppd(8) active-filter problem
Message-ID:  <35A02E64.7C5C712E@attic.ch>

Hello

For three days I have been trying to use pppd on FreeBSD Stable 2.2.6
(CVSUP'ed this morning) with the option active-filter and dial on
demand. But I never managed to get it to work properly.
Does pppd have some known problems with these options?

My system-configuration:
---------------------------------------------------

[/etc/ppp/options]

/dev/cuaa1
lock
115200
modem
crtscts
user mblapp
noipdefault
defaultroute
idle 20
ipcp-accept-remote
ipcp-accept-local
asyncmap ffffffff
demand
debug
kdebug 1
noipdefault
noipx
active-filter 'some expressions as described below'

---------------------------------------------------
To start pppd I use:
pppd connect 'chat -f /etc/ppp/solnet.chat' :194.235.47.6

in connection with natd:
natd -dynamic -use_sockets -same_ports -unregistered_only -interface ppp0
---------------------------------------------------

I tried to use several active-filter options, but it isn't working. :-(
I experimented with tcpdump to find the filter-expression; after some
time I found that

tcpdump -i ppp0 -n '(ip and (port 20 or port 21 or port 22 or port 23 or
port 25 or port 80 or port 110 or port 513 or port 6000 or port 6010 or
port 6667)) or (port 53 and not host (198.41.0.4 or 128.9.0.107 or
192.33.4.12 or 128.8.10.90 or 192.203.230.10 or 192.5.5.241 or
192.112.36.4 or 128.63.2.53 or 192.36.148.17 or 198.41.0.10 or
193.0.14.129 or 198.32.64.12 or 202.12.27.33 or 194.235.47.66 or
194.235.60.10)) or (tcp and icmp[0]!=8)'

would match my dialup. All the router packets disappeared and it also
ignored named(8) when it connected every ten minutes to its root servers
:)

But I wasn't able to adapt this to pppd. (The man page for pppd explains
the filter option in a way that is not clear.)

I tried the following

active-filter 'not (ip and (port 20 or port 21 or port 22 or port 23 or
port 25 or port 80 or port 110 or port 513 or port 6000 or port 6010 or
port 6667)) or not(port 53 and not host (198.41.0.4 or 128.9.0.107 or
192.33.4.12 or 128.8.10.90 or 192.203.230.10 or 192.5.5.241 or
192.112.36.4 or 128.63.2.53 or 192.36.148.17 or 198.41.0.10 or
193.0.14.129 or 198.32.64.12 or 202.12.27.33 or 194.235.47.66 or
194.235.60.10)) or not (tcp and icmp[0]!=8)'

To start the connection, the filter-expression works fine. A simple ping
or sendmail is enough to start. Connections to other ports as described
above don't initialize the link. But pppd never hung up. I tried to watch
the connection with tcpdump (see above), but I couldn't see anything.

With tcpdump -i ppp0
I couldn't see anything but OSPFv2 packets, which appeared every ten
seconds:

01:49:10.404038 oensingen1-s0.solnet.ch > OSPF-ALL.MCAST.NET: OSPFv2-hello 44: rtrid oensingen1-e0.solnet.ch backbone [tos 0xc0] [ttl 1]

01:49:20.404038 oensingen1-s0.solnet.ch > OSPF-ALL.MCAST.NET: OSPFv2-hello 44: rtrid oensingen1-e0.solnet.ch backbone [tos 0xc0] [ttl 1]

btw. active-filter "udp port not ntp" also doesn't work :-(

In the logs I see :

Jul  5 01:47:43 atreju pppd[22797]: Connect: ppp0 <--> /dev/cuaa1
Jul  5 01:47:44 atreju /kernel: ppp0: bad fcs 17b3, pkt len 161
Jul  5 01:47:47 atreju pppd[22797]: Local IP address changed to 194.235.47.99
Jul  5 01:47:59 atreju pppd[22797]: Connection terminated, connected for 1 minutes

Here I killed pppd -HUP

Jul  5 01:49:08 atreju pppd[22797]: Connect: ppp0 <--> /dev/cuaa1
Jul  5 01:49:09 atreju /kernel: ppp0: bad fcs fa71, pkt len 161
Jul  5 01:49:12 atreju pppd[22797]: Local IP address changed to 194.235.47.97
Jul  5 01:49:26 atreju /kernel: ppp0: promiscuous mode enabled
Jul  5 01:49:37 atreju /kernel: ppp0: promiscuous mode enabled

Sometimes I can see this "promiscuous mode", but I have no idea what it
could be ...
Besides this, it isn't working the way I expect in this mode either :-(

Any ideas, anyone? Please help if you see my problem or
if you know that the option active-filter is broken ...
Thanks in advance,

Martin
--
------------------------------------------------------------------------

Martin Blapp, (blapp@attic.ch)
Attic Internet Services, Bechburgstrasse 8, 4702 Oensingen, Switzerland
Phone: +41 62 396 43 70, Fax: +41 62 396 43 72
PGP fingerprint: 4E96 1AE8 4AA6 AB40 1AD6  DB42 7623 995D 522A 1D38
------------------------------------------------------------------------

Public key available at:   http://www.attic.ch/pgp-public.html


