Building an ISP Using Linux and an Intranet
This confirmation, which provides people with shell dial-up access, can be modified to provide dial-up PPP access to customers. We chose to modify the default login program (in the poeigl package) because we wanted to provide both PPP and shell access (useful when I'm remotely setting up someone's machine). The ppplogin program has a prompt that looks like this:
Username: jsmith Password: Please select PPP or Shell access: 1) PPP 2) Shell Please enter your choice: 1
If the user picks the shell, Linux invokes the standard defined shell for the user. If PPP is selected, a script invokes pppd for the dial-up user and dynamically allocates him an IP address. Part of the C code for invoking the ppp script file looks like this:
/* --- PPP account login --- */ execlp ("/bin/sh", "-sh", "-c", "/etc/ppp/ppplogin", (char *)0); fprintf (stderr, "login: couldn't exec shell script: %s.\n", strerror (errno)); exit(0);The /etc/ppp/ppplogin is shown in Listing 4.
When a user selects ppp, the server looks up the tty the person dialing in is using and assigns the tty an IP address. If the user always calls in on a specific line, he is given the same IP address. A user dialing in on the first line comes in on ttyC6. This is used to assign an IP address of 18.104.22.168 to the user. This creates a PPP link to the dial-up line like the PPP link to my host. The important parameters related to this tty/ppp connection in the ppplogin script are as follows:
Detach—don't run as a background process.
Modem—use the carrier lines to detect things like hanging up
22.214.171.124:126.96.36.199—I am known as 188.8.131.52, and the person on the other end is known as 184.108.40.206.
Early on we found our dedicated connection was frequently dropped by the phone company. I solved this problem by using a program called pppupd which constantly pings our ISP's machine and, if the ping fails, it invokes the ppp-on script to redial the connection.
Most of our customers are Windows 95 users who did not like having to type their name and password in each time they logged on to the server. To remove this source of irritation, we found a different getty package called mgetty, which provides autodetection of PPP dialers for Windows 95 users who want to use the Dial-up Networking dialog box. This has saved us quite a bit of time supporting Windows 95 users. The mgetty package (http://sunsite.unc.edu/pub/Linux/system/Serial/mgetty+sendfax) is difficult to set up, so read the documentation before building. One wonderful feature of this package is the capability to receive faxes on the incoming modem lines without additional hardware or additional lines. We can use the same dial-up lines to receive faxes.
E-mail for us was automatically configured with my Linux installation. You can install pine for shell access and POP v3 for POP server e-mail. If you don't have the POP server installed, you can get a package called pop3d from any of the various sites, such as sunsite.unc.edu, and follow the instructions to install it.
If you want your machine to host web pages, you have to install a web server. We downloaded the Apache web server (http://www.apache.org/) and recompiled and configured it using the available documentation. Compiling the source should create an httpd executable which can be copied into /usr/sbin. In addition, add the line /usr/sbin/httpd in the /etc/rc.d/rc.local configuration file for it to be automatically started during boot up.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Ubuntu Online Summit
- Devuan Beta Release
- The Qt Company's Qt Start-Up
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- May 2016 Issue of Linux Journal
- The US Government and Open-Source Software
- The Death of RoboVM
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- BitTorrent Inc.'s Sync
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide